SFTP
      Back to home
      1. Klir Knowledge Hub
      2. Administration
      3. SFTP

      Klir Platform SFTP - Okta Integration Instructions

      Purpose

      This document provides technical administrators detailed instructions for configuring Okta Single Sign-On (SSO) integration with the Klir platform. This integration aims to enable users to seamlessly and securely access the Klir platform using their organization’s Okta credentials. By following the steps outlined, administrators will ensure a smooth setup process, enhancing both security and user experience for Klir system access through centralized authentication.


      Requirements

      To configure the Okta SSO integration with Klir’s system, the technical administrator must have Okta Administrator Access. This level of access is essential to create, configure, and manage applications within the organization’s Okta instance. Administrator privileges will allow the setup of the necessary integration settings and assignment of the application to appropriate user groups, ensuring users can authenticate seamlessly with Klir’s system.


      Step 1: Create a New App Integration


      Navigate to the Applications Section

      • In the OKTA admin console, go to the Applications section on the left sidebar.
      • Click on Create App Integration to initiate a new app integration.


      Create a New App Integration

      • For the Sign-in method, select OIDC - OpenID Connect.
      • Under Application type, choose Web Application.
      • Click Next to proceed.


      Configure the New Web App Integration

      • Set the App integration name as your desired name (e.g., "Klir SSO").
      • Under Grant type, check Client Credentials and Implicit (hybrid) under the Advanced option.
      • In the Sign-in redirect URIs, add the required redirect URI for your app, such as https://xxx.klir.com/account/login, replacing "xxx" for your Klir subdomain.
      • Leave the Sign-out redirect URIs field blank.
      • For Assignments, choose Skip group assignment for now.
      • Click Save to save this configuration.


      Review Application Details

      • After saving, the application’s Client ID and Client Secret are generated. These credentials are essential for API authentication and integration.
      • You may download or copy these credentials for secure storage or further use.

      Step 2: Assign the Application to a Group


      Navigate to the Groups Section

      • Go to the Directory section on the sidebar, then select Groups.
      • Choose the Everyone group (or the specific group you want to assign the app to).

      • Under the Applications tab, click on Assign Applications.

      • Find the newly created app (e.g., "Klir SSO"), click Assign, and then confirm by clicking Done.

      fi

      Final Step: Obtain OpenID Configuration

      With the app registration successfully created and configured, you now only need to gather a few key details and share them with Klir to complete the process.


      Obtain Client ID and Client Secret

      • Navigate back to the Application section.
      • Find the Klir SSO application and click on it.

      • Find and copy the Client ID and Client Secret information

      Obtain the Issuer and Authorization endpoint

      • Access the OpenID configuration endpoint at the Open ID configuration endpoint by adding  /.well-known/openid-configuration at the end of your OKTA application URL.
      • Copy the values for the issuer and authorization endpoint.

      Send App information to Klir 

      Once you have retrieved all the necessary details from your app registration, please share the following information with Klir’s Customer Success Manager:

      • Client ID
      • Client Secret
      • Issuer
      • Authorization Endpoint

      This information is essential for completing the Okta SSO integration with Klir’s system.