Rebar enables integration and authentication with Okta from for apps built with Rebar. Okta is easy to enable in both the Rebar Hub and in the app itself.
Before getting started with Okta, you will need to have an Okta account configured and ready to go. You will need to know your
Okta Url (the host name for your Otka account) as well as, on a per app basis, your Client Id (apps can share client id values).
Configuring Okta Globally in Rebar
To configure Okta, you must be a super administrator in the Rebar Hub. Navigating to the
Configure tab and the
Okta Configuration will enable you to manage the Rebar Hub settings for Okta.
This will ask for two pieces of data:
- Host Name
- Refresh Interval
To authenticate with Okta, you must provide your Okta root host name. For example,
monkton.okta.com is Monkton's main Okta host. This will be the basis of authenticating apps with Okta.
Due to the nature of Mobile Apps and how they work, there are incongruent policy from NIST on AAL-2 authentication with mobile apps. AAL-2 is written for desktop browsers in a shared environment.
Once a user has authenticated with Okta, the Rebar SDK sends the Rebar Hub the authentication information from Okta. This includes the users identity, access token, and refresh token.
The Rebar Hub leverages the refresh token to periodically validate the user is still valid within Okta. Set this refresh interval to your desired state based on risk.
Configuring Okta in Apps
The final piece to this is configuring apps for Okta. To add a new app in Otka, follow the steps below:
Create a new Application in Okta
After authenticating with Okta, navigate to:
Create New App
Native Applicationfor `Platform
Sign on Method
Once the next page displays, provide the requisite details for your application:
- Provide the
- Provide the
Login redirect URIs. Example:
Note You should use your app bundle identifier for the redirect URI.
Required Grant Types
Ensure that you have selected the following options for
Allowed grant types:
Note Failure to select these values will ensure Rebar cannot use Okta and will result in Authentication errors.
Configuring Okta for Apps
Once you have created your Okta Application, you will add the values in two places:
- Editing the Application definition on the Rebar Hub
- Add the following fields to your
Rebar Hub Configuration
Navigate to your App in the Rebar Hub.
- Scroll to
- Enter your
Okta will now apply that value for all app bundles under that app.