home

Security Service Edge

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Security Service Edge

Okta User Directory

Create Web Application Integration in Okta

Creating an application integration in Okta gives Okta the information it needs to communicate with the Lookout Cloud Security Platform so Lookout can access the data in your Okta user directory.

Because the sign-in redirect URI for an Okta web app integration is region-specific, contact the Lookout Support team for the correct URI to enter in these steps.

  1. Sign in to the Okta application.
  2. Click the menu icon to display the Okta navigation menu.
  3. Select Applications > Applications.
  4. Click Create App Integration.
  5. In the Sign-in method section, select OIDC - OpenID Connect.
  6. In the Application type section, select Web Application.
  7. Click Next.
  8. Enter or select these options:
    • App integration name: Enter a name that contains only UTF-8 3-byte characters.
    • (Optional) Logo: Upload an image file containing your company logo. The file:
      • Must be a .png, .jpg, or .gif file.
      • Should be at least 420 by 120 pixels.
      • Size must not exceed 1 MB.
    • Grant type:
      • Clear the Client acting on behalf of itself checkbox.

      • In the Client acting on behalf of a server section, select the Refresh Token

        checkbox.

    • Sign-in redirect URIs: Enter the URI as shown in the format below. For more information, contact the Lookout Support team.

      https://cloudauth.<Tenant Region Domain>
    • Sign-out redirect URIs: Leave this field blank.
    • Controlled access: Select Allow everyone in your organization to access.
    • Enable immediate access: Select the Enable immediate access with the Federation Broker Mode checkbox.
  9. Click Save.
  10. Click the Clipboard icons to copy these values and paste them into a text file for later use when you onboard the Okta instance into the Management Console:
    • Client ID
    • Client Secrets
  11. On the API Scopes tab, grant access to these scopes:
    • okta.users.read
    • okta.domains.read
    • okta.groups.read
    • okta.roles.read

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.