Single Sign-on (SSO) Configuration with OKTA

One OKTA tenant configuration

Configuration in OKTA for ZFlow

Take note of ClientID and Client Secret in OKTA. Set the Grant type to Authorization Code as shown below.



Add the following in OKTA

  • Sign-in redirect URI – https://zflowservername/zflow/oktasso
  • Sign-out redirect URI – https://zflowservername/zflow/nui/logout.jsp
  • Assignments – select among options based on your company policy



Configuration in ZFlow

Add the configuration properties as shown below



Second OKTA tenant configuration (for suppliers)

The second OKTA tenant configuration is used when suppliers are set up to use a different OKTA tenant. The configuration in OKTA for ZFlow remains the same. In ZFlow, you need to add the second OKTA (OKTA2) configuration, as shown below. The Supplier login page then uses the second OKTA tenant for authentication and access.




Use the following in OKTA’s second tenant configuration

  • Sign-in redirect URI – https://zflowservername/zflow/okta2sso
  • Sign-out redirect URI – https://zflowservername/zflow/okta2signout
  • Assignments – select among options based on your company policy