• Introduction
• Prerequisites
• Add the Youverse SSO Integration
• Enroll users
• Test the Youverse SSO Connection
• Troubleshooting

Okta

Achieve a truly frictionless login experience with Youverse Single Sign-On (SSO). To login with Youverse, you need a username and a selfie, and that’s it! No more passwords to worry about.

This guide details the required steps to setup Youverse as an external identity provider in your Okta cloud instance.

With this integration you can easily add a passwordless login option for all your Okta enabled apps using Youverse SSO.

Prerequisites

1. An Okta developer account. Sign up for free here.
2. An Okta application that you want to add authentication to.
3. Register your app with Youverse:
   1. Find your Okta domain name.
   2. Send an e-mail to support@youverse.id requesting a SSO service account and provide your app name and Okta domain. You will receive a unique identifier for the registered app and also a secret (Client ID and Client Secret). Make note of these values, you will need them later.

Add the Youverse SSO Integration

To integrate Youverse SSO with your Okta instance, follow the steps below.

1. From your Okta admin dashboard click on Security > Identity Providers.
2. Click on the Add identity provider button.
3. In the identity provider selection screen, select the OpenID Connect IdP option and click Next.
4. Fill out the following fields in the Configure OpenID Connect IdP screen:
   • General settings:
     • Name - Enter a name for this connection (e.g. "Youverse").
     • Scopes - Leave the defaults (“openid profile email”).
   • Clint details:
     • Client ID - Paste the Client ID received from Youverse.
     • Client Secret - Paste the Client Secret received from Youverse.
   • Endpoints (values obtained from well-known URL :
     • Issuer - https://accounts.youverse.id.
     • Authorization endpoint - https://accounts.youverse.id/oauth/authorize.
     • Token endpoint - https://accounts.youverse.id/oauth/token.
     • JWKS endpoint - https://accounts.youverse.id/oauth/jwks.
5. Click Finish. A page will appear with a list of your identity providers, including Youverse.
6. Expand the Youverse entry and make note of the Redirect URI. Please share this URI with Youverse.
7. Done!.

Additional configuration options are described here.

Enroll users

Users can enroll with Youverse by signing up here using the same e-mail address as in their Okta login. This way, we can link both Youverse and Okta accounts with the user e-mail.

After the e-mail is confirmed, it will be available through the OIDC email claim.

Test the Youverse SSO Connection

Now you are ready to test your Youverse SSO Connection.

Troubleshooting

If you find any issues or need help with the setup please contact us or join us at our discord community.