GhostManager / Ghostwriter

The SpecterOps project management and reporting engine
https://ghostwriter.wiki
BSD 3-Clause "New" or "Revised" License
1.23k stars 174 forks

OKTA Authentication #382

Closed dvpbandaru closed 2 weeks ago

dvpbandaru commented 5 months ago

Is your feature request related to a problem? Please describe.

OKTA Authentication

Describe the solution you'd like

OKTA Authentication is not able to integrate here. Even though I have changed production.py with all the necessary credentials, I am not able to see the authenticated page, whereas I can still see the login page.

Describe alternatives you've considered

My code is something like below:

```python
from .base import *  # noqa
from .base import env

# GENERAL
# ------------------------------------------------------------------------------
SECRET_KEY = env("DJANGO_SECRET_KEY")
hosts = env("DJANGO_ALLOWED_HOSTS", default="ghostwriter.local localhost host.docker.internal")
ALLOWED_HOSTS = hosts.split(" ")

# DATABASES
# ------------------------------------------------------------------------------
DATABASES["default"] = env.db("DATABASE_URL")  # noqa F405
DATABASES["default"]["ATOMIC_REQUESTS"] = True  # noqa F405
DATABASES["default"]["CONN_MAX_AGE"] = env.int("CONN_MAX_AGE", default=60)  # noqa F405

# CACHES
# ------------------------------------------------------------------------------
# ... [rest of your CACHE settings] ...

# SECURITY
# ------------------------------------------------------------------------------
# ... [rest of your SECURITY settings] ...

# MEDIA
# ------------------------------------------------------------------------------

# TEMPLATES
# ------------------------------------------------------------------------------
# ... [rest of your TEMPLATE settings] ...

# EMAIL
# ------------------------------------------------------------------------------
# ... [rest of your EMAIL settings] ...

# ADMIN
# ------------------------------------------------------------------------------
ADMIN_URL = env("DJANGO_ADMIN_URL")

# Anymail (Mailgun)
# ------------------------------------------------------------------------------
# ... [rest of your Anymail settings] ...

# django-compressor
# ------------------------------------------------------------------------------
# ... [rest of your django-compressor settings] ...

# Collectfast
# ------------------------------------------------------------------------------
# ... [rest of your Collectfast settings] ...

# LOGGING
# ------------------------------------------------------------------------------
# ... [rest of your LOGGING settings] ...

# OKTA AUTHENTICATION
# ------------------------------------------------------------------------------
INSTALLED_APPS += ['okta_oauth2.apps.OktaOauth2Config']  # noqa F405
AUTHENTICATION_BACKENDS = ['okta_oauth2.backend.OktaBackend']

OKTA_AUTH = {
    "ORG_URL": "https://company.oktapreview.com/app/UserHome",
    "ISSUER": "https://company.oktapreview.com/",
    "CLIENT_ID": "xxxxxxxxxxxxxxxxxxx",
    "CLIENT_SECRET": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy",
    "REDIRECT_URI": "http://company.com/accounts/okta/callback/",
}

# Your stuff...
# ------------------------------------------------------------------------------
```

Additional context

What could be the desired changes for this?

chrismaddalena commented 5 months ago

Hey @dvpbandaru, I don't know of anyone who has used Okta with Ghostwriter, but it should be possible according to the documentation of the SSO library we use. Ghostwriter incorporates django-all-auth which enables you to use various SSO providers. Their docs mention this for Okta:

https://docs.allauth.org/en/latest/socialaccount/providers/okta.html

You might try that instead of adding in django-okta-auth. I don't have any experience with that plugin to check your configuration, but maybe someone else does. Most users who use an SSO provider (Google, Azure) do so via Django All Auth.
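An added example, not part of the thread and not Ghostwriter's own code, of the django-allauth Okta provider settings the comment above points to. It builds `SOCIALACCOUNT_PROVIDERS` for Okta and derives the redirect URI to register in the Okta application, rejecting a base URL that carries a scheme or path and a non-HTTPS site origin. The function name, the `ghostwriter.example` origin, the credential strings and the `accounts/` mount point for allauth's URLs are assumptions.

```python
from urllib.parse import urlsplit

# Callback path allauth serves for the "okta" provider when allauth.urls is
# included under "accounts/" (assumed mount point for this example).
CALLBACK_PATH = "/accounts/okta/login/callback/"


def okta_allauth_settings(okta_host, site_url, client_id, secret):
    """Return (SOCIALACCOUNT_PROVIDERS dict, redirect URI to register in Okta)."""
    # OKTA_BASE_URL is a bare hostname: allauth builds
    # https://<host>/oauth2/v1/... itself, so a scheme or path breaks the URLs.
    if not okta_host or "://" in okta_host or "/" in okta_host:
        raise ValueError("okta_host must be a bare hostname (no scheme, no path)")

    site = urlsplit(site_url)
    if site.path not in ("", "/") or site.query or site.fragment:
        raise ValueError("site_url must be an origin such as https://host")
    # The authorization code is delivered to this URL; require TLS unless local.
    local = site.hostname in ("localhost", "127.0.0.1")
    if site.scheme != "https" and not (site.scheme == "http" and local):
        raise ValueError("site_url must use https outside local development")
    if not client_id or not secret:
        raise ValueError("client_id and secret must be set (read them from env)")

    providers = {
        "okta": {
            "OKTA_BASE_URL": okta_host,
            "OAUTH_PKCE_ENABLED": True,
            # Settings-based app; credentials can instead live in a SocialApp row.
            "APP": {"client_id": client_id, "secret": secret, "key": ""},
        }
    }
    return providers, f"{site.scheme}://{site.netloc}{CALLBACK_PATH}"


if __name__ == "__main__":
    # Constructed sample values; also add "allauth.socialaccount.providers.okta"
    # to INSTALLED_APPS if it is not already listed.
    SOCIALACCOUNT_PROVIDERS, redirect_uri = okta_allauth_settings(
        "company.oktapreview.com", "https://ghostwriter.example", "client-id", "client-secret"
    )
    print(redirect_uri)
```

The returned redirect URI has to match the sign-in redirect URI configured on the Okta application exactly, including the trailing slash.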

github-actions[bot] commented 1 month ago

This issue has been labeled as stale because it has been open for 30 days with no activity.

github-actions[bot] commented 2 weeks ago

This issue is closed because it has been inactive for 14 days since being labeled stale. Feel free to re-open the issue with a comment. If this needs further discussion (e.g., a feature request), it might be better to open a topic under the Discussions tab.