Okta Integration
Last updated
Was this helpful?
Last updated
Was this helpful?
These instructions will help administrators configure Fiddler for use with an existing Okta single sign-on application.
Set up an in Okta:
Select "Web Application" as the application type.
Configure the following URLs (replace {base_url} with your Fiddler deployment URL):
Sign-in redirect URI - {base_url}/api/sso/okta/callback
Sign-out redirect URI - {base_url}
Base URI - {base_url}
Enable "Authorization Code" grant for user authorization.
Copy the client credentials from the "General" section:
Share the following details with the Fiddler services team:
Okta domain
Client ID
Client Secret
Okta Account Type (default or custom)
Create a <secret-filename>.yaml file using this template:
Important:
Base64 encode all values (On macOS, use
echo -n "string to encode" | base64).Do not use double quotes in any values.
You can retrieve Okta URLs from
https://<okta_domain>/.well-known/openid-configuration.
Apply the Kubernetes secret to your cluster:
Update your Helm values file with these settings:
Note: The new SSO settings apply once deployments are updated.
After setup is complete:
Go to the Fiddler login page.
Click "Sign in with SSO".
Complete authentication on the Okta login screen.
If authentication succeeds, you'll be redirected to the Fiddler homepage.
Users must register with Fiddler using an invitation link from their Fiddler Org Admin before using SSO (unless auto-provisioning is configured).
Fiddler stores only the user's first name, last name, email address, and OIDC token.
Note your Okta domain and set up the in the "Sign On" section:
For API access, you need to create an access token from the "Credentials" tab in Fiddler's page (direct Okta authentication isn't supported for APIs).
