Initial Setup
      Back to home
      1. Inspire Online Help Center
      2. Administration - Settings & General
      3. Initial Setup

      Migrate to Okta OIDC

      In an ongoing effort to maintain a high level of security and promote modern authentication standards, we have decided to migrate our Okta SAML (Security Assertion Markup Language) integration to use OIDC (OpenID Connect), instead.

      SAML is still widely used as an Enterprise SSO solution for many organizations, but it is based on an older XML-based protocol. It is well suited for standard SSO but not for modern APIs or mobile systems. OIDC is well suited for evolving systems leveraging APIs and supporting mobile clients. It is built on top of OAuth 2.0 (Open Authentication). 


      The following steps are necessary to manually configure your Okta OIDC connection to Inspire. The process is relatively straight forward for an Okta admin and provides all the same security benefits that are getting today with your SAML integration. Please follow the guide below to get started. 

      Setup Overview 

      Create a new OIDC application 


      As an Okta admin, login to your Okta dashboard. From the menu on the left, expand Applications and choose the Applications sub menu item. 

      From the Applications page, choose "Create App Integration".

      From the “Create a new app integration” modal window, choose the following options and then choose next. 
      • Sign-in method: OIDC – OpenID Connect 
      • Application Type: Single-Page Application 


      From the “New Single-Page App Integration” edit page, provide the following information (only the field listed below are required. You may configure other fields base on your organizational policy).

      App integration name Inspire
      Logo

      Save the image below and upload it if you prefer to use the Inspire logo. 

      A white text on a black background Description automatically generated
      Sign-in redirect URIs

      https://app.inspiresoftware.com/api/auth/oktaloginredirect

      https://app.inspiresoftware.com/blank.html
      *These URIs must be in the order shown for SSO to work from your Okta dashboard.
      Sign-out redirect URI https://app.inspiresoftware.com
      Grant type Authorization Code, Refresh Token
      Controlled access Select the option based on your security policy (Allow everyone, limit access to selected groups)
      User consent Require consent
      Privacy Policy URI * https://inspiresoftware.com/privacy-policy/
      Terms of Service URI * https://inspiresoftware.com/terms-and-conditions/
      Login initiated by Choose the option that suits your organization
      Application visibility Display application icon to users
      Login flow Send ID Token directly to app

      *Optional

       

      Add Inspire as a Trusted Origin

      From the left menu, choose "Security > API > Trusted Origins"

      Choose "Add Origin"

      Origin name: Inspire Software

      Origin URL: https://inspiresoftware.com

      Ensure all options below are selected:

      Save your changes and proceed to the next step

      Send Entity ID to Inspire Software

      Before you can test your Inspire Authentication, you will need to send your entity ID for this new integration to it@inspiresoftware.com with the following information: 

      • Send to the following email address: it@inspiresoftware.com
      • Subject: Okta OIDC Entity ID
      • Body: Entity ID, Company Name

      Test Authentication 


      After you have sent your Entity ID to the email address listed above, someone will reach out to you to test your authentication. Your Entity ID will have to be connected to your Inspire instance before anyone in your organization will be able to log in.