Okta support for SSO authentication

The Bold BI application supports the addition of users using the Okta provider. By importing them, you can share the dashboards and email exported dashboards with these users.

NOTE: This feature is available in Bold BI Embedded Analytics, but it is not available in Cloud Analytics Server.

How to register the Bold BI application in Okta

This section explains how to perform Single Sign-On for users in Okta with the Bold BI application.

NOTE: This configuration needs to be done on the Okta website.

Prerequisites

  • An admin account in Okta.
  • Install Bold BI application.

Steps to register the Bold BI application

  1. Login to the Okta website using an admin account.

    Admin page

  2. Please click on the Applications option in the header menu.

    Application page

  3. Click the Add Application button.

    Add Application

  4. Click on web and proceed to the Next step.

    Application type

  5. Please fill in the following application details on the next page and click Done.

    • Name
    • Login Redirect URIs
    • Logout Redirect URIs

    Application details

  6. The Login redirect URIs should be the URI in the settings of your Bold BI application, as shown in the following snapshot.

    Redirect URI

  7. On the next page, you will find the Client ID and Client Secret at the bottom, along with the other details you provided on the previous page.

    Client details

After successfully registering in Okta, save these settings on the Bold BI settings page to enable this authentication.

Enable Okta support for authentication in Bold BI

Configure the settings in Bold BI, as shown in the following screenshot, to enable authentication using Okta.

Okta settings

The fields that need to be saved in Bold BI to enable Okta for authentication are explained as follows.

Provider Name It represents the name of the authentication provider to be displayed in the login page.
Provider Logo It represents the logo of the authentication provider to be displayed in the login .
Authorization Endpoint It should be in the format ${baseUrl}/v1/authorize
Please refer here for more details.
Token Endpoint Method POST
Token Endpoint It should be in the format ${baseUrl}/v1/token
Please refer here for more details.
User Information Endpoint Method POST
User Information Endpoint It should be in the format ${baseUrl}/v1/token
Please refer here for more details.
Client ID The Client ID you get after registered the Bold BI application in Okta website.
Client Secret The Client Secret you get after registered the Bold BI application in Okta website.
Scopes openid, profile, email
Logout Endpoint It is the endpoint in the Okta website that signs the user out.
Email This must be the field name in which email will be present when deserializing the token.

Configure Okta Group Import Settings in Bold BI

Configure the group import setting in Bold BI using Okta, as shown in the image below.

Okta Group

To generate an API token, please click on the following link: Generate API Token