Skip to Content
Menu

Single Sign On - Okta Workforce

by
Odoo

162.58

v 17.0 Third Party
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Lines of code 159
Technical Name okta_workforce_oauth
LicenseOPL-1
Websitehttps://www.cirantait.com/
Versions 17.0 18.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Lines of code 159
Technical Name okta_workforce_oauth
LicenseOPL-1
Websitehttps://www.cirantait.com/
Versions 17.0 18.0

SINGLE SIGN-ON INTO ODOO WITH OKTA WORKFORCE (SP Initiated SSO)

Introduction:

The Okta Workforce solution provides a secure and seamless single sign-on (SSO) experience, allowing employees to securely access Odoo without needing to remember multiple credentials. This integration enhances security, streamlines user management, and ensures a unified login experience across systems.

This guide explains how to configure Okta Workforce with Odoo, including creating a single sign-on application in Okta, collecting configuration details, and setting up Okta within Odoo for easy authentication.

Features:

  • Allows direct sign-in to Odoo: Users can sign in to Odoo directly using their Okta credentials.
  • Supports Service Provider (SP) Initiated SSO: Enables Odoo to act as a Service Provider within the SSO configuration, allowing users to start their login in Odoo and authenticate via Okta. This setup streamlines access control and enhances secure authentication.
  • OIDC SSO:
    • The OpenID Connect (OIDC) authentication protocol lets you verify the identity of users attempting to gain access to endpoints protected by HTTPS.
    • While OAuth provides only authorization, OIDC delivers an added layer of security through authentication.
    • This combination of authentication and authorization means you can use OIDC for single sign-on (SSO), which allows users to retain a single login across multiple websites or applications.

Setup and Workflow:

1. Create an app for single sign-on with Odoo inside Okta admin console.

a. Log in to your Okta application side as an admin to access the admin console.

image

b. Once logged in as an admin user, create an app for single sign-on with Odoo.

image

image

image

image

image

image

image

2. Collect the configuration details for Odoo.

a. Acquire the client ID and client secret from the registered app.

image

image

Please note that the following details are required to configure inside Odoo to ensure single-sign on authentication.

  1. Client ID (can be captured from the single-sign on app)
  2. Client Secret (can be captured from the single-sign on app)
  3. Authorization URI: https://<your-okta-domain>/oauth2/default/v1/authorize
  4. Redirect URI: https://<your-odoo-domain>/authorization-code/callback
  5. Issuer: https://<your-okta-domain>/oauth2/default/v1
  6. Token URI: https://<your-okta-domain>/oauth2/default/v1/token
  7. Userinfo URI: https://<your-okta-domain>/oauth2/default/v1/userinfo

3. Configure Okta Workforce in Odoo:

a. Once after collecting details from Okta, login inside Odoo and locate Settings->Users & Companies -> Okta Workforce.

image

b. Click on New to start creating the Okta configuration with the details collected from Okta.

image

4. Single Sign-on via Okta Workforce:

image
a. Once after clicking on login with Okta Workforce, it automatically redirects to the Okta sign-in page where you can enter your Okta credentials and sign into Okta.
b. After successfully signing into Okta, the system will automatically log you into Odoo as well.
c. If the Okta user is not present in Odoo prior to signing in, it will ask you to sign up into Odoo and then sign in.
d. If the Okta user is already present in Odoo, it will automatically authenticate and redirect into Odoo.

Test Cases

1. New User Registration and Landing Page

  • If the user is new, they will be prompted to sign up, where they can set their password and complete the registration.

  • After registration, the user will see a confirmation page indicating "Registration successful."

  • Once signed up, the user is automatically assigned as a portal user.

2. Existing User Login and Landing Page
  • For users who have already signed up, logging in will display the landing page as shown in the image below.

3. Internal User Landing Page
  • Internal users, upon logging in, will be taken directly to the main Odoo dashboard.
Comments: If the Odoo website module is installed, users will land on the website portal page by default after signing up.

Odoo Proprietary License v1.0

This software and associated files (the "Software") may only be used (executed,
modified, executed after modifications) if you have purchased a valid license
from the authors, typically via Odoo Apps, or if you have received a written
agreement from the authors of the Software (see the COPYRIGHT file).

You may develop Odoo modules that use the Software as a library (typically
by depending on it, importing it and using its resources), but without copying
any source code or material from the Software. You may distribute those
modules under the license of your choice, provided that this license is
compatible with the terms of the Odoo Proprietary License (For example:
LGPL, MIT, or proprietary licenses similar to this one).

It is forbidden to publish, distribute, sublicense, or sell copies of the Software
or modified copies of the Software.

The above copyright notice and this permission notice must be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.