Date Posted:
Product: TIBCO Spotfire®
Product: TIBCO Spotfire®
Problem:
How to configure OpenID connect authentication with Okta on the TIBCO Spotfire Server
Solution:
This article describes the steps to configure OpenID connect authentication with Okta on the TIBCO Spotfire Server.
- Register an Okta account using the following URL : https://developer.okta.com/pricing/ and ensure to copy your Okta URL(For example: https://dev-186893.oktapreview.com/) after signing up.
- Sign using your Okta URL with desired credentials
8. Go back to Okta portal and provide redirect URL. After application registration is complete, you can tweak the settings like Allowed grant types, Login initiated as per your needs. For example, below are adjustments that we have tested internally.
**Important Note**:
For TIBCO Spotfire Server versions 10.7 and below: Ensure to select the 'Login Initiated by' option to be "APP" instead of "Either Okta or App" as it is not applicable for Spotfire application because Okta can only initiate the login for Web and SPA apps with the "implicit" grant type where as Spotfire by default uses "Authorization code" workflow.
For TIBCO Spotfire Server versions 10.8 and higher: Spotfire now supports third party initiated login (https://community.tibco.com/wiki/whats-new-tibco-spotfirer-108#toc-31) which in the Okta case means that you could start an authentication flow by clicking the Spotfire app in the Okta portal.
To configure this you specify the following:
- "Login initated by": "Either Okta or App"
- "Login flow": "Redirect to app to initiate login (OIDC Compliant)"
- "Initiate login URI": https://example.com/spotfire/auth/oidc/v1/initiate
Doc: Configuring OpenID Connect External: Creating Okta account External: Implement the Authorization Code Flow
Comments
0 comments
Article is closed for comments.