# Integrating with Okta

1- Log in to your OKTA platform with admin privileges

2- Navigate to the Applications section and click the "Create App Integration" button.

<figure><img src="https://lh7-us.googleusercontent.com/35Y8QTdQaQ_Mmh8NDTtF-5SddGFk0xNJIcJE732xeQ7LsOGmUDbGA8AQkJol44NwnwwI9AjVOjbsQqI3VqYwMq_8PJA-PoYbm7w8s3-ohsPFA7kuK7GuBvUIbTRZoailJ4yUwcXASaziHTUJJci81Ms" alt=""><figcaption></figcaption></figure>

3- Choose the OIDC (OpenID Connect) option for the sign-in method.

4- Select "Web application" as the application type.

<figure><img src="https://lh7-us.googleusercontent.com/cM-9l_W-LZmJiE-nQPhE37zWULAZXsA3MFo49BL0yWnTFjc-HOOB8HI-jSK9SFXZ8FTHcsypeSKxfYE0psJz2CSP28bPRNWyuoLyZuwFZJ9EVdHA4LSQez9zwsu93T_IlcVBIFqNDlULfsRr4J4QpGs" alt=""><figcaption></figcaption></figure>

5- In the General Settings, enter "Amove" as the App Integration Name. Refer to the screenshots below for Grant type details.

<figure><img src="https://lh7-us.googleusercontent.com/278ShiIIn40lNU4T_xRYKxbpjY5B8gcb9E1jQgQcKxDn79h1JUoU_0j-CCLWKoBHy5B2lq78G0ScACHkeZnheSRtCb1U7KpOPeZ6rkHREKh1Rh9EfVR6IlLo1auVibx-nI8A1tTtbvJiq_2EMuqesno" alt=""><figcaption></figcaption></figure>

6- Add the following URIs in the "Sign-In Redirect URIs" section. Refer to the screenshot below for guidance.Add following URIs in the sign-in redirect URIs section. See screenshot below

<https://app.amove.io/ssocallback>

<https://app.amove.io/usercallback>

<http://localhost:29123>

<figure><img src="https://lh7-us.googleusercontent.com/nGraa6QX2EF1VyU-YnKZiba57MgXEG-6eUxmzoYBrz8lkOjqiDjJTj4ASlO7Mxb4kRYjTOoJYeEDEfeJBEO0mnsWbK0Szcfo4rpFRbD7mI33UuQI76-4Cx5nqwFhdwF-kLVX720mC6pV-zdui_bi2Qs" alt=""><figcaption></figcaption></figure>

7- In the Assignments section, you can either allow everyone in your organization access to the application or skip this step and assign groups later.

<br>

<figure><img src="https://lh7-us.googleusercontent.com/sW3rJpLwUuucP12DVlEbSLx4o2Uneo6ypZ3lZoDVs5-_i2dfbZoSrHYheo04QXrdZPvn4q249AyH4T1X43e6kYRx5d2Pzgwf40Mxpc4ePEIWzu6B6V6V5j75vCi-7BWdkrmIMsKNQ7bt72KFkM0dWKc" alt=""><figcaption></figcaption></figure>

8- After creating the application, you will encounter a screen displaying the Client ID and Client Secret. These credentials will be used to connect your Amove client to OKTA.

<br>

<figure><img src="https://lh7-us.googleusercontent.com/FuRM0xGM_82TQAPzS6dRLVUrI1uRxslt-lAmGBosWqZ8Rg5VkhuLKlxDJn3rpKE2sLHGhkn4AqAyVh_NrS2aQI8p2NHB69ahr3H6w5vXGSXKSHmJzrTlzLDTbNcVY5c_VR84HdrtmZZprTXuylTwjg0" alt=""><figcaption></figcaption></figure>

9- Under the "Sign-On" section, edit the OpenID Connect ID Token and change the Issuer from "Dynamic" to your OKTA URL.

<figure><img src="https://lh7-us.googleusercontent.com/LfZbWxmEknN4cXDsEOMwdOAgT_IjeMpfvIPzW6vusGSQoY-AkR99LTQskaSWGMzkKhNCDwY1QBJbj--p_KHlJdGLYGtd_-pIzuMnd-I3FTJY4-DqQzCeW41UCicozczDXrag8ztPD105X8iw52vnKgw" alt=""><figcaption></figcaption></figure>

The OKTA URL will be used to connect your Amove client to the OKTA

10- Navigate to the Okta API Scopes tab and grant the following scope/permission.

okta.users.read.self

okta.groups.read

Okta.users.read

Okta.users.manage

11- In the Assignment section, edit the Admin user that will be used to import users and groups from OKTA. Change the "Assignment Master" from Group to Administrator.

<figure><img src="https://lh7-us.googleusercontent.com/ivuTJ_gXCWZwFRHahprc9nomb1brSbz6MmXifWur7onwqaILsksTkDMwpGCGr5Gkt8DNrZ7yQwkVVKSQYTn3cP4hpq8rKPSqWHJGwBOoZCWiP1WNWSP8qimD756Z1-8B1NXwMNAETbd-671xdMfsLuA" alt=""><figcaption></figcaption></figure>

<br>

<figure><img src="https://lh7-us.googleusercontent.com/bVHl4ZPjyfEORl4RdFaDsE04SfTynrYt7kDexEJujc0iyt4kcLUqnGR_1ltPtxljCErT4eO2swCYSIhe56pkBTyzjCtyt6pEUT_O-tm_OZZojOWENJae6ViDz3OhGvJcFYgTUbd7fAgy7MOrmqS_R2U" alt=""><figcaption></figcaption></figure>

12- Open the Amove.

<figure><img src="/files/SSZhcIAxmXY9f3lFGFql" alt=""><figcaption></figcaption></figure>

13- Choose "Account" from the sidebar menu on the left side.

<figure><img src="/files/gQ5tRjFZRCco8DwHdZ6a" alt=""><figcaption></figcaption></figure>

14- Click on Configure button in Okta Box.

<figure><img src="/files/a1ofNsjHWepx9asnpDj0" alt=""><figcaption></figcaption></figure>

15- Enter the Client ID, Client Secret, and OpenID URL to establish a connection with your OKTA.

<figure><img src="/files/LlY2vLJ1BwiWgRZLqDNl" alt=""><figcaption></figcaption></figure>

<br>

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.amove.io/amove-single-sign-on/integrating-with-okta.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.