Introduction
OpenID Connect is the preferred authentication protocol for Staircase AI because it is more user-friendly and secure than other methods.
We currently support SP-initiated SSO.
Prerequisites
To set up Okta OpenID Connect authentication, you must have admin rights in Okta, as well as Staircase AI.
Setup
Step 1 - Setup Staircase AI in Okta
Log into your Okta Admin account
Click Admin, and then Applications
Click Create App Integration
Select OIDC - OpenID Connect as the Sign-in method
Select Web Applications as the Application Type
In the Trusted Origins and Assignments sections that follow, there are no configuration requirements. Define as needed
Click Next
In General Settings, App integration name field, give the app a name, for example, "Staircase AI", and add the below logo
In the Grant Type section, select the Implicit Hybrid checkboxes
In the Sign-in redirect URIs field, enter https://app.staircase.ai/oktacallback
In the Login initiated by, select "Either Okta or app"
In the Initiate login URI, enter https://app.staircase.ai/okta-initiate-login
Click Save. You have now created an OIDC custom Okta app. Continue by configuring the app and assigning users to it
Make a note of the Client ID and Client secret provided
15. On the Sign-on tab, OpenID Connect ID Token section, make a note of the Issuer URL. The URL usually has the format of: https://my-organization.okta.com
16. Assign users and/or groups that should have access to Staircase AI. Make sure that the email addresses you use in Okta match those used in Staircase AI
Step 2: Set up Okta OpenID Connect in Staircase AI
In Staircase AI, go to settings -> integrations -> Okta card
Enter the Client ID, Client Secret and Issuer URL that you got when setting up Staircase AI in Okta
Click Connect
Sign in to Staircase AI using Okta
On the Staircase AI login screen, enter the email address associated with your Staircase AI account in Okta. Click Sign-in.
Please note: We support SSO using Google / Microsoft or Okta. No SAML