> ## Documentation Index
> Fetch the complete documentation index at: https://docs.chamelio.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Okta – OIDC Setup

> Step-by-step guide to configure SSO via OpenID Connect (OIDC) from your Okta tenant to Chamelio

This guide walks you through setting up SSO via OIDC from your Okta tenant to Chamelio. You will need the SSO Self Service link that Chamelio sends you before starting.

<Steps>
  <Step title="Get Started">
    Open the SSO Self Service link Chamelio provided. You will see the setup screen.

    Click **Get Started**.

    On the **Select Your Identity Provider** page, select **Okta**, then click **Next**.
  </Step>

  <Step title="Create an Application">
    In the **Okta Admin Console**, navigate to **Applications > Applications**, then select **Create App Integration**.

    1. Choose **OIDC – OpenID Connect** as the Sign-in method.
    2. Choose **Web Application** as the Application type.
    3. Select **Next**.
    4. Enter your **App integration name**, e.g. `Chamelio`.
    5. Under **Core grants**, select **Refresh Token**.
    6. In the **Sign-in redirect URIs** field, enter:

    ```
    https://auth.chamelio.ai/login/callback
    ```

    7. Under **Assignments**, choose the access control mode for your organization (e.g. limit access to selected groups).
    8. Select **Save**.

    After saving, you will see the application details page with your **Client ID** and **Client Secret**.

    On the SSO Self Service Page, select **Next**.
  </Step>

  <Step title="Configure Connection">
    On the **Configure Connection** page, fill in the following from your Okta application:

    * **Okta Domain** — your Okta tenant domain (e.g. `your-org.okta.com`)
    * **Client ID** — from the Okta application's General tab
    * **Client Secret** — from the Okta application's General tab

    Click **Create Connection**, then **Proceed**.
  </Step>

  <Step title="Assign Access">
    In the Okta application, navigate to the **Assignments** tab.

    Select **Assign**, then **Assign to Groups**.

    Add the groups whose members should have access to Chamelio.

    <Info>
      You can skip this step if you already configured group access when creating the application.
    </Info>
  </Step>

  <Step title="Test SSO">
    Click the **Test Connection** button. You will be redirected to the Okta sign-in process.

    A successful test shows user information being passed correctly. Review the attributes to confirm accuracy, then click **Done**. The connection is now set up.
  </Step>
</Steps>

## Additional Steps

<Accordion title="Show Chamelio in the Okta End User Portal">
  To provide a seamless login experience via the Okta End User Portal, configure an Initiate login URI in Okta. Chamelio provides this URL with your SSO ticket — it looks similar to:

  ```
  https://app.chamelio.ai/login?connection=company-name-here
  ```

  In the **General** tab of your Okta application, under **General Settings**, select **Edit**.

  Under the **LOGIN** section, configure the following:

  * **Login initiated by** — set to *Either Okta or App*
  * **Application visibility** — enable **Display application icon to users**
  * **Login flow** — select **Redirect to app to initiate login (OIDC Compliant)**
  * **Initiate login URI** — enter the URL provided in your SSO ticket

  Select **Save**.
</Accordion>

<Accordion title="Upload a Chamelio logo to Okta">
  To display the Chamelio logo in the Okta End User Portal, click the application logo icon in Okta to open the **Edit Logo** dialog.

  Download the Chamelio logo and upload it. After clicking **Browse...** and selecting **Update Logo**, the Chamelio logo will appear.
</Accordion>
