DNN OAuth Single Sign-On (SSO) with Okta as OAuth Provider
DNN OAuth Single Sign-On (SSO)
module gives the ability to enable OAuth Single Sign-On for your DotNetNuke
site. Using Single Sign-On you can use only one password to access your DNN
site and services. Our module is compatible with all the OAuth-compliant
identity providers. Here we will go through a step-by-step guide to configure Single Sign-On
(SSO) between DNN and Okta considering Okta as OAuth Provider. To check other
features we provide, click
Pre-requisites : Download And Installation
the DNN OAuth Single Sign On module with above link.
Extract the package and upload the extension
dnn-oauth-single-sign-on_xxx_Install by going to
Settings > Extension > Install Extension
1. Adding module on DNN page
Open any of the page on your DNN site (Edit mode) and Click on
Search for oauthclientsso and click on the oauthclientsso. Drag and
drop the module on the page where you want.
You have finished with the Installation of the module on your DNN site.
If you want to add module on every page of your dnn site, go to
Module Settings >> Advanced Settings.
Check the box for Display Module on All Pages and click on
Under oauthclientsso settings tab, select Okta as identity
Copy the Redirect/Callback URL and provide the same to your OAuth
To configure DNN as a OAuth Client, you will now need to complete the DNN Configuration by configuring the Client ID and Client secret and the endpoints.
You can refer to the table below for the endpoint and you will get Client ID & Client Secret from your Okta admin dashboard configuration as in step 2.
Go to the Okta Admin panel. Go to
Applications -> Applications.
You will get the following screen. Click on
Create App Integration button.
Select sign in method as the OIDC - OpenID Connect option and select
Application type as web application, click on Next button.
You will be redirected to the app details page. Enter
App integration name and Sign-in redirect URIs. you will get
that from miniOrange DNN OAuth plugin.
Scroll down and you will see the Assignments section. Choose a
controlled access option and uncheck the Enable immediate access with
Federation Broker Mode option. Click on Save button.
Now you will get the Client credentials and okta domain. Copy
these credentials in miniorange DNN OAuth Plugin configuration on
Go to Applications tab and Click on your application.
Select the Assignments tab.
Click Assign and select Assign to People.
If you want to assign the application to multiple users at the same time
then select Assign to Groups [If an app is assigned to a group then,
the app will be assigned to all the people in that group]
Click Assign next to a user name.
Click Save and Go Back.
In your Okta admin dashboard, navigate to Security -> API.
Select your SSO application and click on the edit icon.
Go to claims tab and select the ID token option.
click on Add claim button.
Give a Name to your claim/attribute and Select ID Token from
the token type dropdown. Now, enter the value user.$attribute in the
Value field based on the attribute you want to receive. Keep other
settings as default and click on Create button.
Follow the similar steps for all the attributes you want to see. You will
have a list similar to the below one.
3. Test Configuration
After saving settings, you can see the list of applications you have
Click on Edit to update the configuration.
Click on Test Configuration to check if the configuration is correct.
On successful configuration, you will get Attributes Name and Attribute
Values on Test Configuration window.
4. Attribute Mapping
Go to the
oauthclientsso settings >> Advanced Settings >> Attribute
Map email and username with Attribute Name you can see in Test
5. Adding Widget
For adding the widget go to Add Widget.
Click on Add Widget button. A button will be added on the DNN page.
You can even configure the
ASP.NET OAuth Single Sign-On (SSO)
module with any identity provider such as
ADFS, Azure AD, Bitium, Centrify, G Suite, JBoss Keycloak, Okta, OneLogin,
Salesforce, AWS Cognito, OpenAM, Oracle, PingFederate, PingOne, RSA
SecureID, Shibboleth-2, Shibboleth-3, SimpleSAML, WSO2
or even with your own custom identity provider.
Not able to find your identity provider? Mail us on
and we'll help you set up SSO with your IDP and for quick guidance (via
email/meeting) on your requirement and our team will help you to select the
best suitable solution/plan as per your requirement.
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to email@example.com
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.