How can we help?

    Okta Integration


    Before we begin, there are some assumptions being made. One, that you are a Company Manager and either you, or someone you are working closely with inside of your company is an Okta Administrator. Two, you have registered with Brilliant and a Storefront has been created for you by your Creative Partner.

    After the above criteria has been established, the high-level steps involved in setting up the Okta application include:

    1. Login to Brilliant using your email address and password

    2. Navigate into your Company -> Integrations -> Okta Integration General Settings

    3. In a separate browser, login to Okta

    4. Create a new Brilliant Application

    5. Enter the Bi-Directional links between your new Okta Application and your Brilliant Company-level Okta Integration.

    6. Ensure is in your list of Trusted Origins

    7. Create an API Access Token, integrate it and test your API connection

    View your Okta Integration General Settings

    1. After logging into Brilliant, navigate into your Company -> Integrations -> Okta Integration General Settings

    1. In a separate browser window, login to Okta and enter the “Admin” section. After clicking the “Admin” button, hover over “Applications” and click “Applications” in the dropdown list. Next, click the “Add Application” button and then finally, click “Create New App”.

    1. Initialize your new Okta Application with the following settings and click “Create”:

    1. On the “New Web App Integration”, write an “App integration name” of your choice and save.

    1. On your new web app’s page, click “Edit” in the “General Settings” panel. Copy the callback URIs from your Brilliant company’s Okta integration page, and set the underlined fields

    Custom Domain Stores: If you intend to direct SSO user’s to storefront with a custom domain (vanity url), you will have to replace domain in all callback URIs with your store’s custom domain.

    Note: The URIs in image to the right are non-working examples. Use the URIs found in your Brilliant Okta Integration page

    While it’s not necessary to set “Login Initiated By” to “Either Okta or App” as this depends on your use case, it will make it easy to test the integration using Okta’s app dashboard if the icon is made usable to users.

    1. Now, copy your new Okta Application’s Client Credentials over to the Brilliant Okta Integration Screen. Also, copy your Okta Organization Domain over to the Brilliant Integration page’s “Okta Org” field:

    1. Confirm your API Authorization Server settings. Feel free to create a new API Authorization Server if you wish:

    1. Create an API Token so that Brilliant can periodically check your user group permissions (Required). In the Okta header, navigate to “Security -> API”. Next, select the “Tokens” tab and click “Create Token”. Give the token a name and Immediately, copy the new token value. Paste the new token into the Brilliant Okta Integration API Token field:

    1. Check to make sure your Trusted Origins list contains an entry for

    1. Click “Save/Update Okta” in the Brilliant Okta Integration page. After the page reloads, you should see a “Test” button. Clicking that button will trigger an API connection test to help verify if the API token is working. Keep this browser window/tab open. We have one more field to fill in on this page.

    1. Now we will create our Okta groups and link those groups with the Brilliant Okta Integration settings at the company level, and at the store level. In the Okta header, select “Directory -> Groups”. Click the “Add Group” button. Fill in the form and click “Add Group”.

    1. Now, find and copy the new group’s ID so that it can be pasted into the Brilliant Okta Integration page’s “Manager Group ID” field. It can be found at the end of the URL (highlighted below in red) when you open the group’s Okta page. Once that ID is pasted into Brilliant’s “Manager Group ID” field, click “Save”:

    Your Okta Application and your Brilliant Company Okta Integration are now linked. It’s time to create two more groups for your Storefront. A Storefront Admin Group and a Storefront User Group and set the group ID’s into the Brilliant Storefront Settings.

    Questions? Email [email protected] for anything related to your integration.