Skip to main content
Requirements
  • An Okta organization account with admin permission
  • A Bright Data account with admin permission
Steps:
  1. On your Okta admin dashboard, choose ‘Applications > Applications
https://[your_domain]-admin.okta.com/admin/apps/active
  1. Click ‘Create App Integration
mceclip0.png
  1. Select ‘OIDC - OpenID Connect’ as the Sign-in method,
  2. Select’Web Application’ as the Application type and click ‘Next
mceclip1.png
  1. At this point you should be redirected to a new web app integration page. Here you can name your app integration (we recommend to use “Bright Data Control Panel” name).
  2. At ‘Grant type’ select Implicit along with Authorization Code
mceclip0.png
  1. Go to Bright Data Control Panel
  2. Open OKTA configuration dialog
mceclip1.png
  1. Copy “Sign-in redirect URI”
mceclip2.png
  1. Paste it to according field in New App setup in OKTA
mceclip3.png
  1. Repeat the same for “Sign-out URI”
  2. At ‘Assignments’, select an access level as you want
mceclip6.png
  1. Click ‘Save
  2. Now, you should land on your new app integration settings page.
Copy your Client IDClient Secret, and Okta domain to OKTA setup dialog in your Bright Data Control Panel.  mceclip4.png mceclip5.png
  1. Click “Activate”.
Skip step 16 if you selected “Allow everyone to access”
  1. Go to “Assignments” tab and assign users allowed to use this integration
mceclip6.png
  1. Go to Bright Data Settings page and make sure all required users presented.
We’re working on users provisioning support, at the moment - you should manage it manually. mceclip7.png The following steps are optional. They are for enabling your users to launch authentication from their dashboard or the Okta Chrome extension.
  1. Scroll down to ‘General Settings’ and click Edit
  2. Set these settings:
  • Login initiated by: Either Okta or App
  • Application visibility: Display application icon to users
  • Login flow: Redirect to app to initiate login (OIDC Compliant)
  • Copy Initiate login URI from Control Panel
mceclip8.png mceclip9.png
  1. Save changes. Now the integration is ready to work.
Notes
  • Okta Domain should be the one that appears in your app integration settings (yourcompany.okta.com), NOT the one you are seeing as an admin (yourcompany-admin.okta.com)
  • Make sure the Credentials provided to Bright Data are correct, we cannot check them on our side.
-  Sign-in Redirect URI is a must in order to make the SSO feature work correctly
-  Initiate login URI is needed if the you wants to be able to use the feature from the Okta Chrome extension or the Okta dashboard

SSO technical reference

This section is for enterprise security teams completing vendor SSO questionnaires.

Protocol

Bright Data supports SSO via OpenID Connect (OIDC) only. SAML 2.0 is not supported. There is no SAML metadata XML, Entity ID, or ACS URL.

Supported identity providers

  • Okta
  • Microsoft Entra ID (Azure AD)

OIDC parameters

ParameterValue
ProtocolOpenID Connect (OIDC)
User identifieremail claim
Required scopesprofile email
Required claimsemail
Optional claimsgivenName, familyName

Account provisioning

Identity providerProvisioning method
OktaManual. Add users in the Bright Data Control Panel. User record is created automatically on first sign-in.
Microsoft Entra IDAutomatic via SCIM.

Additional details

  • Password logins can be disabled entirely.
  • Access is controlled by users added to the account, not by email domain.
  • Different user roles are available to restrict access per user.

Google OAuth 2.0

Bright Data also supports login via Google OAuth 2.0.
ParameterValue
Required scopeshttps://www.googleapis.com/auth/userinfo.profile, https://www.googleapis.com/auth/userinfo.email
Account provisioningUser must be added to the account via the Bright Data Control Panel first. User record is created after signing up using “Continue with Google”.