Appetize Docs
HomeDemoUploadPricing
  • Introduction
  • Platform
    • App Management
      • Uploading Apps
        • Android
        • iOS
      • App Dashboard
      • Running Apps
      • App Permissions
    • Device Sandbox
    • Embedding
    • Sharing
    • Session Inactivity Timeout
    • Query Params Reference
  • Features
    • Devices & OS Versions
    • Network Traffic Monitor
    • Debug Logs
    • UI Automation
    • Proxy
    • Language & Locale
    • Mock Location
    • Deep links
    • Launch Params
    • Media
    • Auto-grant Permissions
    • Custom Branding
    • Custom Launch Pages
    • Advanced Features
      • Android
        • ADB tunnel
        • Hide Password Visibility
      • Reserved Devices
  • Account
    • Invite your team
    • Single Sign-On
      • OpenID Connect
      • SAML
      • Azure Active Directory
      • Google Workspace (GSuite)
    • Reporting
      • Session History
      • Usage Summary
  • Infrastructure
    • Configure Network Access
    • Enterprise Hosting Options
  • JavaScript SDK
    • Configuration
    • Automation
      • Device commands
      • Touch interactions
    • API reference
      • Initialization
      • Client
      • Session
      • Types
        • AdbConnectionInfo
        • AppetizeApp
        • AndroidElementAttributes
        • Coordinates
        • DeviceInfo
        • Element
        • ElementBounds
        • IOSAccessibilityElement
        • IOSElementAttributes
        • NetworkRequest
        • NetworkResponse
        • SessionConfig
        • SwipeMove
        • RecordedAction
        • RecordedSwipeAction
        • RecordedKeypressAction
        • RecordedPosition
        • RecordedTapAction
        • RecordedTouchAction
        • UserInteraction
  • Testing
    • Getting Started
    • Writing Tests
    • Running Tests
    • Test Configuration
    • Continuous Integration
    • Record Tests (experimental)
    • Trace Viewer
    • Web Tests on Mobile Browsers
  • REST API
    • Create new app
    • Update existing app
    • Direct file uploads
    • Delete app
    • List apps
    • Usage summary
    • Devices & OS Versions
      • v1
    • IP Blocks
      • v1
    • Sample code
  • Guides & Samples
    • Impersonation
    • Automate Sign-in Flow
    • Screenshot Automation
    • Unlock Device
    • Validate Analytics Events
    • Lock Your Device to One App
    • Test Accessibility Font Sizes
    • Common testing scenarios
    • Samples Repository
  • Deprecated
    • Cross-document messages
  • Changelog
  • Additional Support
    • Knowledge Base
    • Support Request
Powered by GitBook
On this page
  • Check authorization server groups scope
  • Create a new application
  • Configure app settings
  • Add group assignments to claims
  • Information to provide to Appetize
  1. Account
  2. Single Sign-On

OpenID Connect

PreviousSingle Sign-OnNextSAML

Last updated 9 months ago

Every SSO provider is a little bit different. Please with any questions!

Check authorization server groups scope

Check the "scopes" configuration of your authorization server, and verify there is a scope called groups. If not, add a scope named groups.

Create a new application

Configure app settings

Field
Value

Allowed grant types

Authorization Code

Login redirect URIs

TBD - provided by Appetize.io

Initiate login URI

TBD - provided by Appetize.io

Add group assignments to claims

We will need to configure your SSO provider to send over the user's groups assignments after a successful login.

The following example shows how to pass through groups with prefix appetize_* as a groups claim within OKTA. This can be done by adding the groups claim to your authorization server at API -> Authorization Servers. For some OKTA clients, this can also be done under the "Sign On" section in your app's configuration, where you can add groups the same way.

Information to provide to Appetize

1. We will need the "Client ID" and "Client secret" for the app you just created.

In OKTA, this is available in Security -> API -> Authorization servers -> Choose Server.

If the metadata endpoint is not available, you may also specify the required fields below:

  • authorization_endpoint

  • token_endpoint

  • userinfo_endpoint

  • jwks_uri

  • issuer

  • introspection_endpoint

2. We will also need your Metadata URI, often called "Discovery URL". For example:

https://dev-548472.oktapreview.com/oauth2/default/.well-known/oauth-authorization-server
contact us
OKTA add groups scope example. In Security -> API -> Authorization servers -> Choose Server -> Scopes
Example creating new "Web" application in OKTA
Example app settings in OKTA
Example including appetize_* group assignments claim in OKTA
Credentials to provide to Appetize.io
Example creating new "Web" application in OKTA
Example app settings in OKTA
Example including appetize_* group assignments claim in OKTA
Example Credentials to provide to Appetize.io