AWS Wickr Single Sign-on (SSO) setup with Okta


AWS Wickr can be configured to use Okta as an identity provider for Single Sign-on (SSO). Follow these steps in Okta and the AWS Wickr console to complete the setup.

Complete the following steps in Okta

  1. Create an app integration under Applications.

  2. Select OIDC as the Sign-in method and Native Application as the Application Type.

  3. Enter an App integration name and select the below Grant type options:

  4. Enter the Sign-in redirect URI from the SSO configuration page in the AWS Wickr admin console. For AWS Wickr, this is: https://messaging-pro-prod.wickr.com/deeplink/oidc.php

  5. (Recommended) Edit the General settings to select Client secret under Client authentication and Generate new secret.

  6. Keep Okta open as you will need to use the info in the AWS Wickr console.

Complete the following steps in the AWS Management Console for AWS Wickr

  1. Open the AWS Management Console for Wickr at https://console.aws.amazon.com/wickr/.

  2. On the Networks page, select the network name to navigate to the network you want to connect Okta with.

  3. In the navigation pane, choose User Management > Single Sign-on > Edit.

  4. Add the following required information:

  • Issuer - This is the URL of your Okta instance.

  • Client ID and Client secret - These were provided when setting up Okta (Step 5).

  • Scopes - email openid profile offline_access

  • Company ID - This can be any text value and must be unique. This text is what your users will enter when registering on new devices.


  5. Click Next to test the connection.
  6. Click Next to review details and Save Changes.

Users added to the application from Okta will be able to sign in to the AWS Wickr network by choosing the Sign in With SSO option on their clients.
Important note: Users will need to enter the Company ID and verify their email through Wickr's email verification when signing in for the first time.
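
Before clicking Next to test the connection, the values entered in the Wickr SSO form can be checked against the OIDC discovery document that the identity provider publishes at `<issuer>/.well-known/openid-configuration`. The following is an added example, not part of the original article or of AWS or Okta tooling: the function name `preflight`, the `example.okta.com` issuer and the sample discovery document are constructed placeholders, while the scopes and redirect URI are the ones given on this page.

```python
from urllib.parse import urlsplit

# Values taken from this page.
REQUIRED_SCOPES = {"email", "openid", "profile", "offline_access"}
WICKR_REDIRECT_URI = "https://messaging-pro-prod.wickr.com/deeplink/oidc.php"

# Constructed sample of an OIDC discovery document; example.okta.com is a placeholder.
SAMPLE_DISCOVERY = {
    "issuer": "https://example.okta.com",
    "scopes_supported": ["openid", "email", "profile", "address", "phone", "offline_access"],
    "token_endpoint_auth_methods_supported": ["client_secret_basic", "client_secret_post", "none"],
}


def preflight(issuer, scopes, redirect_uri, discovery, use_client_secret=True):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc:
        problems.append("issuer must be an https URL")
    # OIDC Discovery requires the published issuer to be identical to the one configured,
    # so a trailing slash or a different host is a mismatch.
    if issuer != discovery.get("issuer"):
        problems.append(f"issuer mismatch: entered {issuer!r}, IdP publishes {discovery.get('issuer')!r}")
    requested = set(scopes.split())
    if requested != REQUIRED_SCOPES:
        missing = sorted(REQUIRED_SCOPES - requested)
        extra = sorted(requested - REQUIRED_SCOPES)
        problems.append(f"scopes differ from the documented set: missing={missing} extra={extra}")
    # scopes_supported is optional in discovery metadata; only check it when present.
    if "scopes_supported" in discovery:
        unsupported = sorted(requested - set(discovery["scopes_supported"]))
        if unsupported:
            problems.append(f"IdP does not advertise scopes: {unsupported}")
    if redirect_uri != WICKR_REDIRECT_URI:
        problems.append("sign-in redirect URI differs from the Wickr value")
    # When the field is omitted, the OIDC default is client_secret_basic.
    methods = set(discovery.get("token_endpoint_auth_methods_supported", ["client_secret_basic"]))
    if use_client_secret and not methods & {"client_secret_basic", "client_secret_post"}:
        problems.append("IdP does not advertise client-secret authentication")
    return problems


if __name__ == "__main__":
    # Constructed bad input: trailing slash on the issuer and offline_access left out.
    for p in preflight("https://example.okta.com/", "openid email profile", WICKR_REDIRECT_URI, SAMPLE_DISCOVERY):
        print("FAIL:", p)
```

To run it against a real tenant, load the JSON served at the discovery URL into a dict and pass it as `discovery`.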

AWS (Expert), published a month ago