This guide walks you through configuring Okta to integrate with Metalware for OIDC authentication.
1. Create an App Integration in Okta
- Sign in to your Okta admin console.
- Navigate to Applications and select Create App Integration.
- When prompted, select the following options:
- Fill out the form, ensuring that the host IP and host port match the values of the machine running the Havoc Docker container.
- In this example:
  - The host machine running the Docker container is hmorty.
  - The port being forwarded is 8085.
A DNS name may be used instead of the host IP, as shown above with the local hostname “hmorty”.
- Set user assignments as needed.
If required, restrict access to specific groups. In this example, we allow all users in the organization to access Metalware.
2. Copy Your App Integration Credentials
To find the credentials for your app integration:
- On the General tab, the Client Credentials section shows the client ID and client secret values for your app integration.
- You can copy the Client ID and Client secret values using the Copy to Clipboard button beside each text field.
You will need the Client ID and Client Secret for installation.
3. Configure an Authorization Server
- Navigate to Security > API in the Okta admin console.
- Click Add Authorization Server.
- Set the audience to api://metalware/havoc
- Once the Authorization Server is created, open it and create an Access Policy.
- Define a policy that aligns with your security requirements.
- Add a Rule to specify authentication conditions.
- Your access policy should now look similar to the following:
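Added example (not Metalware's or Okta's code): once steps 2 and 3 are complete, an access token issued for this integration should carry the audience set above, the new authorization server's issuer, and the app's Client ID in the cid claim. The sketch below decodes a token's claims and lists any mismatches; it does not verify the signature, so it is for checking the setup only. The function names are hypothetical, and the issuer, Client ID and tokens are constructed placeholders.

```python
import base64
import json
import time

EXPECTED_AUDIENCE = "api://metalware/havoc"  # audience set in step 3


def decode_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_claims(claims, issuer, client_id, now=None):
    """Return a list of mismatches between the claims and the Okta setup."""
    now = time.time() if now is None else now
    problems = []
    aud = claims.get("aud")
    if EXPECTED_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"aud is {aud!r}, expected {EXPECTED_AUDIENCE!r}")
    if claims.get("iss") != issuer:
        problems.append(f"iss is {claims.get('iss')!r}, expected {issuer!r}")
    if claims.get("cid") != client_id:
        problems.append(f"cid is {claims.get('cid')!r}, expected {client_id!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("exp is missing or in the past")
    return problems


def make_sample_token(claims):
    """Build a constructed, unsigned token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = enc({"alg": "RS256"})
    return f"{header}.{enc(claims)}.constructed-signature"


if __name__ == "__main__":
    # Constructed placeholders, not values from a real Okta org.
    issuer = "https://example.okta.com/oauth2/ausPLACEHOLDER"
    client_id = "0oaPLACEHOLDER"
    base = {"iss": issuer, "cid": client_id, "exp": time.time() + 3600}
    # A token from Okta's built-in "default" server carries aud api://default.
    for aud in (EXPECTED_AUDIENCE, "api://default"):
        token = make_sample_token(dict(base, aud=aud))
        print(aud, "->", check_claims(decode_claims(token), issuer, client_id) or "ok")
```

An aud mismatch usually means the client is requesting tokens from a different authorization server than the one created in step 3.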