Establishing Okta SSO Authentication in CData Sync

  • 12 October 2023
  • 0 replies

Userlevel 2

Single Sign-On (SSO) in CData Sync using Okta SSO provider enhances the user experience with CData Sync and improves security and productivity, which helps create efficient, user-friendly and robust access to the application.  


With SSO, your organization can have multiple instances of CData Sync and all be accessible simultaneously from anywhere around the world.  


This article provides step-by-step instructions for configuring Single Sign-On (SSO) authentication in CData Sync using Okta SSO provider. 


Configuring Okta SSO Authentication in CData Sync  


The basic steps for setting up Single Sign-On (SSO) Authentication with Okta in CData Sync are as follows: 

  1. Configure Okta   

  1. Configure User in Sync   

  1. Configure SSO in Sync  



Section I: Configure Okta  


  1. Create a custom app integration 


  1. In the Okta Admin Console, navigate to Applications > Applications.  

  1.  Click Create App Integration.  






  1. Select OIDC - OpenID Connect as the Sign-in method and Web Application as the Application type then click Next.  



  1.  Configure the following:  

Enter the App integration name  

Add the Sign-in redirect URIs as applicable to your CData Sync instance:  

Java: http://localhost:8181/src/ssoCallback.rst  

ADO.NET: http://localhost:8019/src/ssoCallback.rst  






Note: Please specify the corresponding port as per your instance.    


  1. Select the desired Assignments option.  

  1. Click Save to create the app. 

  1. Retrieve the necessary properties from Okta 


  1. After the application is successfully created, click on General and note the values of Client ID and Client Secret:  



  1. Navigate to Sign On and note the value of Audience:  





Note: In this article we have used the custom authorization server called default that Okta provides, however you can set up your own custom authorization server. 


Section II: Configure User in Sync  


This section focuses on configuring user-specific settings within the CData Sync application.  


  1. Open CData Sync and navigate to Settings > Users > Add.    

  1. Set up the User and its corresponding password.  

  1. Choose the Role as per your use case.    

  1. Specify Federation ID depending on the key claim value. 

  1. Click on Add and refresh the page.    


Section III: Configure SSO in Sync   


In this section you will configure the necessary SSO settings within the CData Sync application. This step ensures that CData Sync can initiate and manage the SSO authentication process effectively.   


  1. Open Sync and navigate to Settings > SSO.  

  1. Click on Configure.   

  1. The Single Sign On (SSO) Settings windows appears. Fill in the following details: 


Audience URIs: Set this value to the URI that identifies Sync as a trusted application within the SSO platform (the value you noted in section I > step 2.2). 

Key Claim: This setting specifies what value from the identity provider should be treated as the federation Id. This value can usually be set to sub but it might depend on your authorization server. 

OAuth Client ID: Set this to the client Id from the app integration that you created, (the value you retrieved in section I > step 2.1). 

OAuth Client Secret: Set to the client secret in your application settings (the value you retrieved in section I > step 2.1). 

Import URL: You can get the discovery URL from here for Okta. After specifying the OpenID Discovery URL, you can click the Import button to automatically import the other settings such as Authorization URL, Default Scopes, Token Issuer Identifier, Token URL, Issuer Certificate… 



Note: In this article we have used the Import button to automatically import some SSO settings, however you can set these settings manually. 


  1. Click on Save.   
    Note: For more information, you can also refer to our Help documentation.   

  1. The Okta SSO authentication is now configured for CData Sync. You can also see the changes in the log in page of the application: 





Please reach out to if you run into any issues.  

This topic has been closed for comments