OpenID Connect

Note: Every SSO provider is a little bit different. Please contact us with any questions!
Create a new application
Example creating new "Web" application in OKTA
Configure app settings
Field
Value
Allowed grant types
Authorization Code
Login redirect URIs
TBD - provided by Appetize.io
Initiate login URI
TBD - provided by Appetize.io
Example app settings in OKTA
Add group assignments to claims
We will need to configure your SSO provider to send over the user's groups assignments after a successful login. 
The following example shows how to pass through groups with prefix appetize_* as a groups claim within OKTA. This can be done by adding the groups claim to your authorization server at API -> Authorization Servers. For some OKTA clients, this can also be done under the "Sign On" section in your app's configuration, where you can add groups the same way. 
Example including appetize_* group assignments claim in OKTA
​
Information to provide to Appetize.io
1. We will need the "Client ID" and "Client secret" for the app you just created. 
Credentials to provide to Appetize.io
2. We will also need your metadata endpoint, often called "Discovery URL". For example: https://dev-548472.oktapreview.com/oauth2/default/.well-known/oauth-authorization-server​
If the metadata endpoint is not available, you may also specify the required fields below:
authorization_endpoint
token_endpoint
userinfo_endpoint
jwks_uri
issuer
introspection_endpoint. 

Last modified 11mo ago

Field	Value
Allowed grant types	Authorization Code
Login redirect URIs	TBD - provided by Appetize.io
Initiate login URI	TBD - provided by Appetize.io