Okta OIDC Configuration for Self-Hosted Web App
If you're looking to authenticate your self-hosted web application with Okta OIDC and the external domain of the app differs from its internal domain, you'll need to follow a few steps.
Prerequisites
Before you start, make sure your self-hosted web application meets the following prerequisites:
- Axis rewrites the application's host portion (The external domain is different from the internal domain).
![Example - Origin URL is different that exter](https://files.readme.io/18552ca-small-Screen_Shot_2023-05-07_at_15.51.31.png)
Example: Internal domain (Local Address) differs from external domain (Remote Address)
- The web application is authenticated using Okta OIDC - OpenID Connect authentication.
![Application should be defined with as OIDC - OpenID Connect as Sign-in method](https://files.readme.io/f982b16-small-Screen_Shot_2023-05-07_at_13.09.36.png)
Your Okta application should be defined with OIDC - OpenID Connect as the sign-in method
Step 1: Verify Application's Additional Domains
- In the Axis Management Console, go to Settings -> Applications. Then find the web application and click on Edit.
- Click on Advanced Settings.
![](https://files.readme.io/d61b129-small-Screen_Shot_2023-05-07_at_15.40.36.png)
- Review the Additional Domains and check if it contains Okta domains (or your organization's Okta custom domains, if applicable). If it does, remove them.
![](https://files.readme.io/880320d-small-Screen_Shot_2023-05-07_at_13.12.01.png)
Step 2: Edit General Settings in Okta
- In your Okta console, navigate to Applications → Applications.
- Select the Okta application that is used to authenticate the web application.
- Navigate to the General tab.
- Scroll to the General Settings section and click on Edit.
![](https://files.readme.io/b9a159f-small-Screen_Shot_2023-05-07_at_13.15.40.png)
- In the Login section, in the Sign-in redirect URIs field, click on Add URI.
![](https://files.readme.io/c7075fe-small-Screen_Shot_2023-05-07_at_13.16.37.png)
- Copy the existing URI into the new URI item, and replace the original domain with the web application's external domain.
![](https://files.readme.io/cffa696-small-Screen_Shot_2023-05-07_at_13.17.00.png)
- Click on Save.
![You should see the external domain along with the original domain](https://files.readme.io/af2b90a-small-Screen_Shot_2023-05-07_at_13.17.26.png)
You should see the external domain along with the original domain
Updated about 1 year ago