One OKTA tenant configuration
Configuration in OKTA for ZFlow
Take note of ClientID and Client Secret in OKTA. Set the Grant type to Authorization Code as shown below.
Add the following in OKTA
- Sign-in redirect URI – https://zflowservername/zflow/oktasso
- Sign-out redirect URI – https://zflowservername/zflow/nui/logout.jsp
- Assignments – select among options based on your company policy
Configuration in ZFlow
Add the configuration properties as shown below
- OKTA_CLIENTID
- OKTA_CLIENTSECRET
- OKTA_URL
Second OKTA tenant configuration (for suppliers)
The second OKTA tenant configuration is used when suppliers are set up to use a different OKTA tenant. The configuration in OKTA for ZFlow remains the same. In ZFlow, you need to add the second OKTA (OKTA2) configuration, as shown below. The Supplier login page then uses the second OKTA tenant for authentication and access.
- OKTA2_CLIENTID
- OKTA2_CLIENTSECRET
- OKTA2_URL
Use the following in OKTA’s second tenant configuration
- Sign-in redirect URI – https://zflowservername/zflow/okta2sso
- Sign-out redirect URI – https://zflowservername/zflow/okta2signout
- Assignments – select among options based on your company policy
