Where do I begin?

May seem like a silly question, but where and how do I begin?
I have a developer account dev-1234567890.okta.com but then what?
Do I need to set up an IDP? If so which one?
Do I need to set up an Application? If so what should the values be?

All I want to do is set up something with a valid configuration in OKTA with SAML and OPENID. The guides that I found on the site are not helping me out. I would like a guide/tutorial that is as simple as possible, with instructions on how I can verify that it’s working.
For instance I don’t know if I need to set up a generic OKTA OpenID or a generic OKTA SAML…doesn’t OKTA already have this?
A guide I found the other day on the OKTA site said that you should be able to simply put the authorize URL in the web browser to test it out. I’ve lost that page, spent about 90 minutes looking for it and then tried browser history and I could not find it. Why is this so challenging even to set up in the first place?
I must have missed something somewhere.

What I’ve been tasked to do is enable SSO via OKTA using SAML, but your documentation states that OpenID is the better option, so I guess I’ll do both, yet I have no idea where to actually do this.
My employer is using SSO via OKTA and SAML.

Only once I can verify that I have the proper SSO/OKTA setup then I will worry about securing the Python APIs/site that I’ve created.

1 Like

Hey,

I understand your frustration around identity and its documentation; it’s honestly overwhelming. I agree completely. However, we are here to make things easier. Understanding the concepts first will make it an easier decision on your end.

TL;DR: What type of authentication is defined by the requirements you have…

As you are already aware, OAuth 2.0, OpenID, and SAML are broad concepts, but the underlying principles are similar. Okta recommends the latest standards, but that doesn’t mean technology that has existed for ages is deprecated. Okta still supports SAML 2.0, and based on your requirements, you may or may not need it.

For example, based on what you asked, here are some guides that can help clarify what SAML is, in case you are implementing it first based on your question.

I’ll start here: What is SAML in under a minute

And see the differences here and whether it meets my requirements: Differences between SAML, OpenID Connect, and OAuth 2.0 (What’s the Difference Between OAuth, OpenID Connect, and SAML? | Okta)

If I choose SAML after that, below is where I would go next.
1. What are the differences between OAuth and SAML
2. Basics of SAML
3. Planning for SAML

After understanding a bit of the above, I will ideally hit the build section here: Build a Single Sign-On (SSO) integration | Okta Developer

OpenID Connect is much more secure and more of the latest fashion statement than SAML-based authentication; hence, Okta recommends using it more where possible. However, your use case might not require OpenID Connect if you are already tasked with SAML SSO, or you might have OpenID Connect for a single part of your requirement; that is a possibility as well.

Similarly, if I choose OpenID Connect, I would start here: illustrated-guide-to-oauth-and-oidc

This might be a good starting point for you to explore. Although I would just want to point to a single document and say, "Hey, here is a way you can do this in 30 seconds," that is far easier said than done. Without understanding where you’re stuck and what you’re trying to implement, we can only provide such guidance.

Identity and authentication is a far ignored topic in the realm of software development; it has its own requirements you need to already know before you can build stuff out of it, since you’re dealing with users and multiple platforms and frameworks.

Let me know if this helps.

2 Likes
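
The browser test mentioned in the question (pasting the authorize URL into the address bar) can be scripted as below. This is an added example, not part of the original thread or Okta's own code; it assumes an OIDC app on the org's `default` custom authorization server, and the client ID and redirect URI are placeholders to replace with the values from your own app.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

OKTA_DOMAIN = "dev-1234567890.okta.com"  # org named in the question
CLIENT_ID = "YOUR_CLIENT_ID"             # placeholder: copy from your OIDC app
# Assumed redirect URI; it must match a sign-in redirect URI set on the app.
REDIRECT_URI = "http://localhost:8080/authorization-code/callback"


def s256_challenge(verifier):
    """PKCE code_challenge for a code_verifier (RFC 7636, method S256)."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_authorize_url(state, nonce, code_challenge):
    """Authorization-code request against the 'default' authorization server."""
    params = {
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid profile email",
        "redirect_uri": REDIRECT_URI,
        "state": state,    # ties the response to this request (CSRF defence)
        "nonce": nonce,    # must come back inside the ID token
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return f"https://{OKTA_DOMAIN}/oauth2/default/v1/authorize?{urlencode(params)}"


def parse_callback(callback_url, expected_state):
    """Return the authorization code from the redirect, or raise ValueError."""
    query = parse_qs(urlsplit(callback_url).query)
    if "error" in query:
        detail = query.get("error_description", [""])[0]
        raise ValueError(f"{query['error'][0]}: {detail}")
    returned = query.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response is not for this request")
    if "code" not in query:
        raise ValueError("no authorization code in callback")
    return query["code"][0]


if __name__ == "__main__":
    verifier = secrets.token_urlsafe(48)  # keep this for the token request
    state, nonce = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    print(build_authorize_url(state, nonce, s256_challenge(verifier)))
```

After signing in, the browser is sent to the redirect URI with `code` and `state` in the query string; an `error` parameter there instead usually points at a mismatch between the request and the app's settings.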