*** title: Okta SSO Configuration Guide for Non-US Commercial Regions (OIDC) excerpt: '' deprecated: true hidden: false metadata: title: '' description: '' robots: index next: description: '' --------------- Please see our updated [Okta Installation Guide (🔗)](/service-management/administration/sso-configuration/okta-sso/okta-oidc) # Before you begin * Ensure you have **Admin Access** to your Okta instance. * You have collected the **CUSTOMER\_ID** under **Organization Details > General Information**. * This is the unique identifier for your organization . This is stored as **Org Name** ![](https://files.readme.io/ec5bf3b5e47317fcf8d2ba7f7d6b1348befd4c402553e53c4d966795d1715e13-CleanShot_2024-11-11_at_14.53.19.png) In exceptional cases where you would like Moveworks to support your organisation with a different subdomain value. Please reach out to Moveworks Support. # Okta App Setup Instructions 1. Go to the screen in Okta that allows you to create Applications. 2. Click on **Create App Integration**. ![](https://files.readme.io/39b4f06-image-20210715-094919_5.png) 3. Select **OIDC - OpenID Connect** in the next screen. ![](https://files.readme.io/1db3930-Screen_Shot_2022-06-01_at_5.19.51_PM_2.png) 4. Specify a name for the application. 5. Add the logo for Moveworks application ![](https://files.readme.io/5a9a378-logo.png) 6. Identify the appropriate Sign-in Redirect URI and Login URI for your environment from the table below, replacing the `CUSTOMER_ID` with the value for your org which was collected as part of the Prerequisites. | Region | Sign-in Redirect URI | Login URI | | :----------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | :------------------------------------------------------------------------------------------------------ | | United States (default) | [https://CUSTOMER\_ID.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.moveworks.com](https://CUSTOMER_ID.moveworks.com) | | Canada | [https://CUSTOMER\_ID.am-ca-central.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-ca-central.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-ca-central.moveworks.com](https://CUSTOMER_ID.am-ca-central.moveworks.com) | | EU | [https://CUSTOMER\_ID.am-eu-central.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-eu-central.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-eu-central.moveworks.com](https://CUSTOMER_ID.am-eu-central.moveworks.com) | | Australia / Asia Pacific | [https://CUSTOMER\_ID.am-ap-southeast.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-ap-southeast.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-ap-southeast.moveworks.com](https://CUSTOMER_ID.am-ap-southeast.moveworks.com) | | Government Secure Cloud | [https://CUSTOMER\_ID.moveworksgov.com/login/sso/oidc](https://CUSTOMER_ID.moveworksgov.com/login/sso/oidc) | [https://CUSTOMER\_ID.moveworksgov.com](https://CUSTOMER_ID.moveworksgov.com) | 7. Enter the values as shown below and hit Save. ![](https://files.readme.io/942c0af-1.png) ![](https://files.readme.io/6288597-1.png) 8. Go back to General Settings and uncheck **Require consent**. ![](https://files.readme.io/b385444-2.png) ![](https://files.readme.io/63a8630-3.png) 9. In order to allow customer users to login without manually inputting email, set a **Initiate login URI** from the table below based on the Region you are setup in. Replacing the `CUSTOMER_ID` with the value for your org which was collected as part of the **Prerequisites**. | Region | Sign-in Redirect URI | Login URI | | :----------------------- | :------------------------------------------------------------------------------------------------------------------------------------ | :------------------------------------------------------------------------------------------------------ | | United States (default) | [https://CUSTOMER\_ID.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.moveworks.com](https://CUSTOMER_ID.moveworks.com) | | Canada | [https://CUSTOMER\_ID.am-ca-central.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-ca-central.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-ca-central.moveworks.com](https://CUSTOMER_ID.am-ca-central.moveworks.com) | | EU | [https://CUSTOMER\_ID.am-eu-central.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-eu-central.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-eu-central.moveworks.com](https://CUSTOMER_ID.am-eu-central.moveworks.com) | | Australia / Asia Pacific | [https://CUSTOMER\_ID.am-ap-southeast.moveworks.com/login/sso/oidc](https://CUSTOMER_ID.am-ap-southeast.moveworks.com/login/sso/oidc) | [https://CUSTOMER\_ID.am-ap-southeast.moveworks.com](https://CUSTOMER_ID.am-ap-southeast.moveworks.com) | | Government Secure Cloud | [https://CUSTOMER\_ID.moveworksgov.com/login/sso/oidc](https://CUSTOMER_ID.moveworksgov.com/login/sso/oidc) | [https://CUSTOMER\_ID.moveworksgov.com](https://CUSTOMER_ID.moveworksgov.com) | ![](https://files.readme.io/6673781-4.png) ## Finish the Moveworks side of the integration After setup is complete, provide the following information to your Customer Success team. 1. Go to the General tab. ![](https://files.readme.io/6220af7-Screen_Shot_2022-04-26_at_2.52.19_PM_2.png) 2. Share the `idp_client_id` , `idp_secret` , and `idp_issuer` with your Customer Success team. The `idp_issuer` is not in the Okta settings, but it should be based on your Okta instance name (e.g. If you login at [https://example.okta.com](https://example.okta.com) , then share that value for your `idp_issuer` ).\ ![](https://files.readme.io/7327e0c-1.png) 1.