Search Results :


Joomla OAuth Client Integration with Okta Single Sign-On (SSO)

Set up Single Sign-On (SSO) on your Joomla site via Okta OAuth provider with the help of Joomla OAuth & OpenID Connect plugin. Integrating Okta Single Sign-On (SSO) into Joomla using OAuth 2.0 authentication protocol allows your users to securely login into your Joomla websites and applications by authenticating with Okta OAuth provider. The Okta OAuth Joomla plugin also provides advanced features such as, Auto create users, Attribute Mapping, Group Mapping etc.

Visit our Joomla OAuth Client Plugin page to learn more about the features and Pricing plans we offer for the Joomla OAuth Single Sign-on (OAuth & OpenID connect) plugin.

Pre-requisites for setting Okta OAuth SSO with Joomla

Setup Okta as OAuth Provider with Joomla OAuth Client

Follow the steps given below to setup the Joomla OAuth Client plugin. You can also refer to this Setup video for configuring the plugin.

1. Download and Setup Joomla OAuth Client

  • Download the zip file for the miniOrange OAuth Client plugin for Joomla from the given link.
  • Login into your Joomla site’s administrator console.
  • From left toggle menu, click on System, then under Install section click on Extensions.
  • Upload the downloaded zip file to install the Joomla OAuth Client plugin.
  • Installation of plugin is successful. Now click on Start Using miniOrange OAuth Client plugin.
  • Under Configure OAuth tab. Select Okta as an OAuth Provider.
  • okta Single Sign-On (SSO) OAuth/OpenID-addapp-shortcut
  • Now copy the Callback / Redirect URL which is needed while configuring Okta as OAuth Server.
  • okta Single Sign-On (SSO) OAuth/OpenID-addapp-shortcut

2. Configure Okta as OAuth Provider

  • Now go to and log into your Okta account.
  • Go to the Okta Admin panel. Go to Applications -> Applications.
  • okta Single Sign-On (SSO) OAuth/OpenID-addapp-shortcut
  • You will get the following screen. Click on Create App Integration button.
  • okta Single Sign-On (SSO) OAuth/OpenID-addapplication
  • Select Sign in method as the OIDC - OpenID Connect option and select Application type as Web application, click on Next button.
  • okta Single Sign-On (SSO) OAuth/OpenID-select-webplatform
  • You will be redirected to the app details page. Enter App integration name and Sign-in redirect URLs which we copied as Callback/Redirect URL.
  • okta Single Sign-On (SSO) OAuth/OpenID-callbackURL
  • Scroll down and you will see the Assignments section. Select an option for controlled access as Allow everyone in your organization to access, untick the Enable immediate access with Federation Broker Mode and then click on Save button.
  • okta Single Sign-On (SSO) OAuth/OpenID-clientcredentials
  • Now you will get the Client ID and Client Secret . Keep these credentials handy for configuring miniOrange OAuth Client Single Sign-On (SSO) plugin.
  • okta Single Sign-On (SSO) OAuth/OpenID-clientcredentials
  • From right top header, you will get your domain name. Keep the domain name handy.
  • Note: Copy the Okta domain to configure Joomla OAuth Single Sign-On (SSO) plugin. eg.( ) then your domain is .

    okta Single Sign-On (SSO) OAuth/OpenID-clientcredentials

3. Integrating Joomla with Okta

  • Go back to your Joomla Dashboard. Then go to Components, then miniOrange OAuth Client and click on Configure OAuth tab.
  • Paste the Client ID, Client Secret and Domain. Also Set Client Credentials In header then click on Save Settings to save your Configuration.
  • okta Single Sign-On (SSO) OAuth/OpenID-clientcredentials

3.1. Scope & Endpoints

  • Scope & Endpoints are given below, which are required for configuring Joomla as OAuth Client plugin to configure Okta as a custom OAuth or OIDC provider.
  • Scope: openid email
    Authorize Endpoint: https://{yourOktaDomain}.com/oauth2/default/v1/authorize
    Access Token Endpoint: https://{yourOktaDomain}.com/oauth2/default/v1/token
    Get User Info Endpoint: https://{yourOktaDomain}.com/oauth2/default/v1/userinfo
    Custom redirect URL after logout:[optional] https://{yourdomain.okta}.com/login/signout?fromURI= <your url>
    Set Client Credentials: In Header Only

4. User Attribute Mapping

  • User Attribute Mapping is mandatory for enabling users to successfully login into Joomla. We will be setting up user profile attributes for Joomla using below settings.
  • Click on Test Configuration button, you will see all the values returned by your OAuth Provider to Joomla in a table.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now go to do Attribute Mapping tab. Here you can map all the Attribute Mapping details in the given fields below.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

5. Role/Group Mapping [Premium Feature]

  • Go to the Role Mapping tab. Here you can Enable Role Mapping and select default groups for new users.
  • Based on your provider application, you can allocate the Joomla role to your provider roles.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

6. Fetch Okta Groups

  • Click on the Sign On tab in your Okta application.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Go to the OpenID Connect ID Token section by scrolling down.
  • Under Group claims filter section, enter groups as the default name, and then select Matches regex from the drop down list and enter .* (without spaces) to return all the user's Groups. Click on Save button.
  •  Okta Single Sign-On (SSO) OAuth/OpenID

7. Steps to Create Custom Claims in Okta

  • Go to the Okta Admin panel ->Security -> API.
  • Click on Add Authorization Server button.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • After creating a new Authorization Server, click on the Edit icon as shown below.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Go to Claims and click on Add Claim button.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • After creating a custom claim, go to Access Policies and select Add Policy.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • After creating a new policy in the Access Policies tab, click on Add rule button.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Give a name to the rule. Keep other settings as default and click on Create rule.

8. Login Settings [Premium Feature]

  • Now you can use Login / SSO URL to perform SSO.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Now logout and go to your Joomla site's pages where you have added this link. You will see a login link where you placed that button. Click on this button to perform SSO.
  • Go to the Login/Logout Settings tab. Here, you can configure user login/logout behavior for your Joomla application.
  •  Okta Single Sign-On (SSO) OAuth/OpenID
  • Congratulations, you have successfully configured the miniOrange OAuth Client plugin with your Okta OAuth Provider.
  • Click on the Upgrade Plans tab to check out our complete list of features and various licensing plans. OR you can click here to check features and licensing plans.
  • If you want to purchase any of the paid version of the plugin, you have to register/login with us in Account Setup tab. OR you can register/login Here .
  • In case, you are facing some issue or have any question in mind, you can reach out to us by sending us your query through the Support button in the plugin or by sending us a mail at

In this guide, you have learned how to configure Joomla Okta Single Sign-On (SSO) by configuring Okta as OAuth Provider and Joomla as OAuth Client using our Joomla OAuth & OpenID Connect plugin.This solution ensures that you are ready to roll out secure access to your Joomla site using Okta login credentials within minutes.

Additional Resources

Mail us on for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to