Identity management at NewStore via Okta
Pre-requisites​
To set up an identity management application to manage authentication for NewStore apps, ensure that you have access to:
- Omnichannel Manager
- Okta admin console
To enable users from your corporate directory to be able to use the NewStore applications, you have to create users, assign them to a store, and assign relevant roles in NewStore.
Setting up Okta with NewStore​
This process involves working with Okta and Omnichannel Manager in tandem. Ensure you have access to both before you proceed.
Log into your Okta admin console and go to
Applications
>Applications
.Click
Create App Integration
.In the
Sign-in method
area, selectOIDC - OpenID Connect
, and in theApplication type
area, selectWeb Application
.Click
Next
.In the
New Web App Integration
screen that appears:In
App integration name
, enter eitherNewStore Staging
orNewStore Production
, based on the NewStore environment for which you are setting up the integration.In
Sign-in redirect URIs
, keep the default entry for nowIn
Controlled access
, selectSkip group assignment
.noteIf you know which of your Okta groups should gain access to NewStore, configure them via
Limit access to selected groups
.Click
Save
.
In the
NewStore <Environment>
screen that appears, save the following values in a safe place. You'll need them in the next step.Client ID
Client secret
Okta domain
> you can copy the domain from the address bar in your browser, such as<your_sub_domain>.okta.com
Open the
Omnichannel Manager
in a separate tab.Click
Settings
>Users & Roles
>Single Sign-On
.Click
Configure Single Sign-On
.Select Vendor
OKTA
.Fill in the saved data from step 6.
Secret
Client ID
Okta domain
Click
Connect
.Switch back to
Okta admin console
tab.Scroll down to the
General Settings
section and clickEdit
Replace the default
Sign-in redirect URI
with theRedirect URI
from theOmnichannel Manager
tab.Replace the default
Sign-out redirect URI
with theLogout URL
from theOmnichannel Manager
tab.Click
Save
Allow access to your
NewStore Staging
andNewStore Production
environments by assigning Okta groups to the respective applications.Create a test user and assign it to an Okta group that has access to both
NewStore Staging
andNewStore Production
environments.You can remove this test user after verifying with NewStore that the Okta integration has been successfully completed.
Single Sign-on is now successfully configured with Okta.
Updating client secrets in Omnichannel Manager​
Log into your Okta admin console and go to
Applications
>Applications
.Search for
NewStore
Open the application you want to update
In the
Client Secrets
section > ClickGenerate new secret
Open
Omnichannel Manager
.Click
Settings
>Users & Roles
>Single Sign-On
.Click on the displayed name
OKTA
.Paste the new secret value in
Secret
form.ImportantEnsure this secret exists and is valid in Okta. There is no way to revert after updating the secret.
Click
Update
.Click
Confirm
.
You have successfully rotated your secret.
Related topics