# Okta Sign-In Setup

This guide describes how to configure Okta as an identity provider for signing in to P0 Security. After completing this setup, your users can authenticate to the P0 web app at <https://p0.app> and the P0 CLI using their Okta credentials.

{% hint style="info" %}
This guide covers **signing in to P0 with Okta**. This is different from the [Okta Directory Integration](https://docs.p0.dev/integrations/directory-integrations/okta), which enables P0 to manage access and inventory within your Okta instance.
{% endhint %}

**Approximate setup time:** 15 minutes

## Prerequisites

* An existing P0 Security account
* Administrative access to your Okta instance with one of the following roles:
  * Super Administrator
  * Application Administrator

## Overview

Setting up Okta sign-in for P0 involves:

1. [Contact P0 Security](#step-1-contact-p0-security)
2. [Create an application integration in Okta](#step-2-create-an-application-integration)
3. [Configure OIDC parameters](#step-3-configure-oidc-parameters)
4. [Verify client credentials](#step-4-verify-client-credentials)
5. [Share configuration with P0](#step-5-share-configuration-with-p0)

## Step 1: Contact P0 Security

Before configuring Okta, contact P0 Security to start the setup process:

* **Email:** <support@p0.dev>

P0 confirms your organization is ready for Okta sign-in configuration.

## Step 2: Create an application integration

1. Log in to the Okta Admin Portal.

{% hint style="info" %}
The admin URL is your subdomain plus `-admin` (for example, `companyname-admin.okta.com`). If you have customized your domain, access the admin console using your un-customized domain.
{% endhint %}

2. Select **Applications** > **Applications** from the menu.
3. Click **Create App Integration**.

   <figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fjzz6hXBF3SZloG513axZ%2Funknown.png?alt=media&#x26;token=753916c1-ffb0-4f54-940f-2e41edf889fa" alt="" width="375"><figcaption></figcaption></figure>
4. In the "Create a new app integration" modal:

   * Select **OIDC - OpenID Connect** as the Sign-in method.
   * Select **Native Application** as the Application type.

   <figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2FSE5NIzPeUmU7hvyr8Rth%2Funknown.png?alt=media&#x26;token=685f0c97-18ca-46f3-8448-f16a3237eaf5" alt="" width="375"><figcaption></figcaption></figure>
5. Click **Next**.

## Step 3: Configure OIDC parameters

On the "New Native App Integration" page, configure the following settings:

1. **App integration name:** Enter `P0 Security`.
2. **Logo** *(optional)*: Upload the P0 logo if desired.

<div align="left"><figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2FCnRfuI9hBxcinO3RXnJE%2Fp0-web-app-logo.png?alt=media&#x26;token=606856f8-34dd-4d3e-8348-038b7cdf4e8c" alt="" width="150"><figcaption></figcaption></figure></div>

3. **Grant type:** Enable the following grant types:
   * Authorization Code
   * Device Authorization
   * Token Exchange

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2FfPfJBjCKmAeZgt30EO1t%2Funknown.png?alt=media&#x26;token=d0f61670-3260-4105-a6d6-41ffd709cc33" alt="" width="375"><figcaption></figcaption></figure>

4. **Sign-in redirect URIs:** Add the following URI:

   ```
   https://p0.app/oidc/auth/_redirect
   ```
5. **Assignments:** Configure access for your organization:
   * To enable P0 for everyone, select **Allow everyone in your organization to access**.
   * To restrict access to specific groups, select **Limit access to selected groups** and choose the appropriate Okta groups.

     <figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2FpnGnNOEo0BOug6Ct996o%2Funknown.png?alt=media&#x26;token=4ec7ea38-71c7-48bb-8ab1-56572dbbdc83" alt="" width="375"><figcaption></figcaption></figure>
6. Click **Save**.

## Step 4: Verify client credentials

After creating the application, verify the client credentials settings:

1. Navigate to the **General** tab of your new P0 Security application.
2. In the **Client Credentials** section, confirm:
   * **Client authentication** is set to **None**
   * **Proof Key for Code Exchange (PKCE)** is enabled

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2FqeD7UkM7fBREUQHeKxc9%2Funknown.png?alt=media&#x26;token=48607fe7-6841-4064-bbda-f8e9a8a8d469" alt="" width="333"><figcaption></figcaption></figure>

## Step 5: Share configuration with P0

Share the following information with P0 Security to complete the setup:

1. **Okta organization URL:** Your Okta domain (for example, `mycompany.okta.com`)
2. **Client ID:** Found in the **Client Credentials** section of the **General** tab

{% hint style="info" %}
These values aren't secrets and are safe to share over email or Slack.
{% endhint %}

Send these values to <support@p0.dev> or your P0 account executive. P0 configures your organization and confirms when Okta sign-in is ready.

## Signing in with Okta

Once P0 confirms the configuration is complete, users can sign in:

**Web app:**

1. Navigate to <https://p0.app>.
2. Click **Sign in with Okta**.
3. Authenticate with your Okta credentials.

**CLI:**

1. Run `p0 login`.
2. Complete authentication in the browser window that opens. The CLI automatically uses Okta once your organization is configured.

{% hint style="success" %}
Your organization is now configured to sign in to P0 Security using Okta.
{% endhint %}

## Related topics

* [Supported identity providers](https://docs.p0.dev/p0-security-onboarding/supported-identity-providers)
* [Okta Directory Integration](https://docs.p0.dev/integrations/directory-integrations/okta) — For managing access and inventory within Okta
* [Installing p0 CLI](https://docs.p0.dev/p0-cli/installing-p0-cli)
