The following section outlines the configuration of SAFEQ Cloud integrated with OKTA through their API interfaces.


  • It is necessary to generate API token in the OKTA administration UI. This API token will be used by SAFEQ Cloud server for authentication operations.

1. Creating an OKTA Token for integration

In the OKTA administration console, navigate to API and Tokens

Click Create Token and enter a reference name for the token.

The API Token appears on the screen, and only once, so carefully copy this token for use later in SAFEQ Cloud.

2. Configure SAFEQ Cloud for OKTA authentication

Add a new OKTA authentication provider in the SAFEQ Cloud authentication settings, and enter the following details:

Domains the domain names of the server. It must match the domain part of the user name. For example, if the domain name of OKTA authentication provider is, then the user added in Access Control should be
Priority A number that determines the order in which authentication providers will be called until one succeeds. Higher-priority providers will be called first.
OKTA endpoint address the address of the OKTA server prefixed with customer’s domain name. For example “” or “”
API token the API token obtained from OKTA administrator
MFA timeout, seconds the maximum time in seconds server will wait for multi-factor authentication to complete

Now users and groups in OKTA are accessible for Access Control configuration.
When adding a new access control entry for an OKTA authentication provider, the users or the groups from Access Control must contain the same domain as the domain name defined for that OKTA authentication provider.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment