# How to integrate Toky with Okta Following these steps, you can connect Toky and Okta to provide your team an easy and secure way to start their session in Toky using [**Okta’s secure single sign on**](https://www.okta.com/products/single-sign-on/) #### Create the App in Okta **NOTE:** You must be an admin in the Okta account. * Login to Okta and go to **Applications** > **Applications**, and click on **“Add Application”**

* Click on **Create New App**, select **Web** as platform, and **OpenID Connect** as Sign in method. Click on **Create**

* Type **Toky** as **Application name**, upload the Toky Logo as **Application logo**, and in the section **Configure openID connect**, enter the following URL in the **Login redirect URIs** field: [**https://app.toky.co/auth/okta/clientID/callback**](https://app.toky.co/auth/okta/clientID/callback)

* You can download the following Toky logo to use it in your Okta App.

* Click on **Save** #### Configuring the app in Okta * Cick on **Edit** on the Toky app recently created * In the **APPLICATION** section, mark the options **Allowed grant types**, **Implicit (Hybrid)**. By default the option **Allow ID Token with implicit grant type** will appear as selected. * In the **LOGIN** section, modify the link previously saved in the **Login redirect URIs**, and replace the **clientID** in the link (**clientID**/callback), with the value you can find in **Client Credentials** > **Client ID.** * In the field **Login initiated by** select **Either Okta or App**, and the **Application visibility** will appear\*\*.\*\* Select **Display application icon to users**. * In the field **Initiate login URI** copy the URL you enter in **Login redirect URIs** and remove the **“/callback”** text.

* Click on **Save**. #### **Configure the Okta integration in Toky** NOTE: You must be an admin in your Toky account * Login to your Toky account and go to **Integrations** > **Okta** and follow the instructions to fill in all the required fields. * To get the Issuer URI you must go to Okta and then, go to **Security** > **API.** You will find a list of **Authorization Servers**, copy the **Issuer URI** from the server you want to use.

* Get the **Client ID** and the **Client Secret** in **Aplications** > **Aplications**. Select the app we created in the first steps and go to the **General** tab, and you will find the **Client ID** in the **Client Credentials** section. Copy the value and paste it into the corresponding field in the Toky integrations tab.

**Important**: These values are used by Toky to start the Authorization Code Flow with Okta from the server-side. * Enable the integration to start using the single sign-on with Okta.

* Click on **Save Changes** #### **Assign users to the Toky app in Okta** You must assign users to the Toky app so they can see it in their home screen in Okta and use it to log in to Toky. * Go to your Okta account, and then to **Applications** > **Applications**. Select the Toky app and go to the **Assignments** tab.

* Click on **Assign** > **Assign to People** (or group if you already have one defined), find the users you want to use Toky, and assign them to the app. * The assigned users will receive a notification and they will see Toky in their apps.

#### How to use the integration with Okta Once you finish configuring the integration, you can now login to Okta, go to the **My Apps** section, and click on **Toky** app.