Okta Authentication

Okta Authentication for HYPR Control Center

If your HYPR Control Center users are part of your Okta organization, you can integrate the Control Center into your Okta single sign-on. This is a two step-process: first you add the Control Center app in Okta, then you configure it to use Okta SSO.

Adding the HYPR Control Center in Okta
Configuring the HYPR Control Center

Adding the HYPR Control Center in Okta

Go to the Applications page in your Okta Administrator Console and click Add Application.


On the Add Application page, click Create New App.


In the Create a New Application Integration window, create the integration using the following settings:

Sign on methodOpenID Connect

On the Create OpenID Connect Integration page, use the following settings:

Application nameA descriptive name for the integrationHYPR Control Center
Application logoUpload the logo you want to use. The HYPR support team can send you a .PNG file upon request.
Login redirect URIsThe full path to your HYPR Control Center instancehttps://hypr.example.com/login/oauth2/

After you’ve created the connection, go to the General Settings tab and edit the default settings.


Change the General Settings as follows:

Allowed grant typesImplicit (Hybrid)
Allow ID Token with implicit grant type
Login initiated byEither Okta or App
Application visibilityDisplay application icon to users

Display application icon in the Okta Mobile app
Login flowRedirect to app to initiate login (OIDC Compliant)
Initiate login URIThe login URI for your Control Center instance

Below the General Settings section you’ll see the Client Credentials section. Make a note of the Client ID and Client secret since you’ll need those to configure the HYPR Server later.


After saving the configuration, go to the Assignments tab and assign the new application to your HYPR administrator users as necessary.


Configuring the HYPR Control Center

After you’ve added the HYPR Control Center as a new application in Okta, you need to configure it to use the appropriate Okta OAuth endpoints.

Log into your HYPR Control Center and select IDP Settings from the Global Settings fly-out menu to display the OIDC Connection Settings page:


Set the required authorization URLs to the appropriate OAuth endpoints as shown in the table below. In each case, the base URL path is as follows:


OAuth URLhttps://<yourOktaDomain>/oauth2/default/v1/authorize
Token URLhttps://<yourOktaDomain>/oauth2/default/v1/token
UserInfo URLhttps://<yourOktaDomain>/oauth2/default/v1/userinfo
JWKS URLhttps://<yourOktaDomain>/oauth2/default/v1/keys
Client IDUse the client ID assigned when you added the application to Okta
Client SecretUse the client secret assigned when you added the application to Okta
HYPR URLThe relying party URL for your HYPR instance
User name claim attributepreferred_username