In this tutorial we will demonstrate how to implement SSO for MuleSoft Anypoint Platform using OKTA as an OpenID Connect external identity provider.

To start, create an account on OKTA

SSO using OKTA in Anypoint Platform


Activate your account and log in to it



Your account will be set up with a URL like –

Once logged in, go to API -> Authorization Servers



Click on default



We can see two details: Issuer and Metadata URI

If we open the Metadata URI in a browser, we can see more details such as issuer, authorization_endpoint and token_endpoint, which will be needed in Anypoint Platform

{
  "issuer": "",
  "authorization_endpoint": "",
  "token_endpoint": "",
  "registration_endpoint": "",
  "jwks_uri": "",
  "response_types_supported": [
    "code id_token",
    "code token",
    "id_token token",
    "code id_token token"
  ],
  "response_modes_supported": [ ... ],
  "grant_types_supported": [ ... ],
  "subject_types_supported": [ ... ],
  "scopes_supported": [ ... ],
  "token_endpoint_auth_methods_supported": [ ... ],
  "claims_supported": [ ... ],
  "code_challenge_methods_supported": [ ... ],
  "introspection_endpoint": "",
  "introspection_endpoint_auth_methods_supported": [ ... ],
  "revocation_endpoint": "",
  "revocation_endpoint_auth_methods_supported": [ ... ],
  "end_session_endpoint": "",
  "request_parameter_supported": true,
  "request_object_signing_alg_values_supported": [ ... ]
}


Now we will create an app for accessing the OKTA server from Anypoint Platform

OKTA dashboard -> Click on Application


Click on Add Application and choose Web


We have to provide the details below

We can get the Login redirect URIs from Anypoint Platform

Click on user manual registration


Copy the redirect URI


Fill in the details and click Done


This will create the client app in OKTA with client credentials


Please note down the client id and secret

  • Client id – 0oafvmn08ElEjRTyy5d5
  • Client secret – y3MtvsUlKbEtRSwUOHpycxtryi5ZVsVkcQ1KLyzC


Now let’s fill in the details in Anypoint Platform


We need the following details

  • Client id – OKTA client app’s client id
  • Client secret – OKTA client app’s client secret
  • OpenID Connect Issuer – issuer in Metadata URI JSON
  • Authorize URL– authorization_endpoint in Metadata URI JSON
  • Token URL – token_endpoint in Metadata URI JSON
  • User Info URL – the token_endpoint value from the Metadata URI JSON with token changed to userinfo
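
The mapping above can be scripted. The following is an added example, not part of the original post or of OKTA's or MuleSoft's code: it reads a Metadata URI JSON document and returns the values for the Anypoint form, deriving the User Info URL from the token endpoint. The sample metadata, the host idp.example.com, the function name anypoint_fields and the https/same-host checks are assumptions of this example.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of the Metadata URI JSON; idp.example.com is a placeholder host.
SAMPLE_METADATA = json.dumps({
    "issuer": "https://idp.example.com/oauth2/default",
    "authorization_endpoint": "https://idp.example.com/oauth2/default/v1/authorize",
    "token_endpoint": "https://idp.example.com/oauth2/default/v1/token",
})


def anypoint_fields(metadata_json, client_id, client_secret):
    """Map the metadata document to the values entered in Anypoint Platform."""
    md = json.loads(metadata_json)
    urls = {
        "OpenID Connect Issuer": md["issuer"],
        "Authorize URL": md["authorization_endpoint"],
        "Token URL": md["token_endpoint"],
    }
    # Assumption of this example: every endpoint is https and on the issuer's host.
    issuer_host = urlsplit(md["issuer"]).hostname
    for label, url in urls.items():
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            raise ValueError(f"{label} is not an https URL: {url!r}")
        if parts.hostname != issuer_host:
            raise ValueError(f"{label} host differs from issuer host: {url!r}")
    # User Info URL: the token endpoint with its last path segment changed to userinfo.
    base, _, last = urls["Token URL"].rpartition("/")
    if last != "token":
        raise ValueError("token_endpoint does not end in /token")
    fields = {"Client id": client_id, "Client secret": client_secret}
    fields.update(urls)
    fields["User Info URL"] = base + "/userinfo"
    return fields


if __name__ == "__main__":
    # Placeholder credentials; print everything except the secret.
    result = anypoint_fields(SAMPLE_METADATA, "<client-id>", "<client-secret>")
    for label, value in result.items():
        if label != "Client secret":
            print(f"{label}: {value}")
```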


Click on Create; the external provider under Identity Provider will now show as enabled


Now let’s add a user in OKTA

Go to Users -> Add Person


We can see the new user now


Now we will use our Anypoint redirect URL to log in to Anypoint Platform

This will redirect us to the OKTA login page



Provide the new username and credentials



We are now able to log in to Anypoint Platform



Thank you for taking the time to read this post. We hope you found it useful. If you have any questions, feel free to comment below. If there is a specific topic you would like covered, we are happy to explore your recommendations as well.