The following applies if you are using a version of the software before Update 23. For the latest information, see Create a new application.
-
Select the Applications tab, and click Add Application > Create New App.
-
In the Create a New Application Integration dialog box, enter Native App in the Platform field, and click Create.
-
In the SETTINGS section, enter details as shown in the following example:
Setting
Example
Description
Application Name
SDx Web Client
The name of the client application.
Configure OpenID Connect
Login redirect URIs
https://[localhostserver]/spfwebclient/
https://[localhostserver]/
spfwebclient/ _session.html
Logout redirect URIs
https://[localhostserver]/spfwebclient/
Okta sends the authorization response to these URIs. You must add your application's callback endpoint.
All URIs are case sensitive.
For a separate logout redirect URL, see note below.
Application types
Native
Select OpenID Connect protocol to log users into the built application.
Grant type allowed
Authorization Code (default)
Refresh Token
Resource Owner Password
Implicit (Hybrid)
Okta authorizes your native application requests with these OAuth grant types.
Select all the displayed grant types.
-
Click Save.
-
In the LOGIN section, enter details as shown in the following example:
Setting
Example
Logout redirect URI
https://okta-spf.12345.com/spfwebclient
Initiate login URI
https://okta-spf.12345.com/spfwebclient
You can use a separate logout redirect URL to avoid authentication loops. For more information, see Post logout redirect authentication loop.
-
Click Save.
-
In the CREDIT CREDENTIALS section, select the Use Client Authentication button, and click Save.
-
Record the Client ID and Client secret for use in configuring the Web Client settings. For example:
Setting
Example
Client id
0oag04x1t1cW5miJS0h7
Client secret
It9esxDiFKwt-HfRwBDYux4zjP4nAtM2Y3L0Nh0P
-
In the Assignments tab, select Assign, and click Assign to Groups.
-
Select the previously configured group, such as SDxGroup, and click Assign.
All log in, log out, redirect, or initiate URIs must be in lowercase.