Vault
Okta
- Make sure an Authorization Server has been created. The "Issuer" field shown on the Setting page
will be used as the
oidc_discovery_url
. - Visit Applications > Add Application (Web).
- Configure Login redirect URIs. Save.
- Save client ID and secret.
Note your policy will need oidc_scopes
to include profile
to get a full profile
("Fat Token").
You will also need to configure bound audience along the lines of
"bound_audiences": ["api://default", "0a4........."]
if you are using the default
authorization server.