docs: improve Okta SSO setup guide with step-by-step instructions#20353
Merged
ishaan-jaff merged 3 commits intoBerriAI:mainfrom Feb 5, 2026
Merged
docs: improve Okta SSO setup guide with step-by-step instructions#20353ishaan-jaff merged 3 commits intoBerriAI:mainfrom
ishaan-jaff merged 3 commits intoBerriAI:mainfrom
Conversation
- Add clear steps for creating OIDC app in Okta Admin Console - Document critical Authorization Server Access Policy configuration - Add troubleshooting table for common errors - Link to official Okta documentation for detailed UI instructions - Fix incorrect OAuth endpoint examples (was using Auth0 URLs)
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Contributor
Greptile OverviewGreptile SummaryThis PR significantly improves the Okta SSO setup documentation by transforming it from a basic environment variable list into a comprehensive step-by-step guide. Key improvements:
The documentation now provides clear guidance on both Okta-side configuration and LiteLLM environment variable setup, making it much easier for users to successfully configure Okta SSO. Confidence Score: 5/5
|
| Filename | Overview |
|---|---|
| docs/my-website/docs/proxy/admin_ui_sso.md | Enhanced Okta SSO documentation with step-by-step setup guide, Authorization Server Access Policy instructions, and corrected OAuth endpoint examples |
Sequence Diagram
sequenceDiagram
participant User
participant LiteLLM Proxy
participant Okta
participant Okta Auth Server
Note over User,Okta Auth Server: Initial Setup (Admin configures in Okta Console)
User->>Okta: Create OIDC Web Application
User->>Okta: Assign users to application
User->>Okta Auth Server: Configure Access Policy for app
User->>LiteLLM Proxy: Set GENERIC_CLIENT_ID, GENERIC_CLIENT_SECRET, endpoints
Note over User,Okta Auth Server: SSO Login Flow
User->>LiteLLM Proxy: Navigate to /ui
LiteLLM Proxy->>Okta: Redirect to /oauth2/default/v1/authorize
User->>Okta: Authenticate with credentials
Okta->>Okta Auth Server: Check Access Policy
Okta Auth Server-->>Okta: Policy validated
Okta->>LiteLLM Proxy: Redirect to /sso/callback with auth code
LiteLLM Proxy->>Okta: Exchange code at /oauth2/default/v1/token
Okta-->>LiteLLM Proxy: Return access token
LiteLLM Proxy->>Okta: Fetch user info from /oauth2/default/v1/userinfo
Okta-->>LiteLLM Proxy: Return user details
LiteLLM Proxy-->>User: Logged in to Admin UI
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
ishaan-jaff
requested changes
Feb 3, 2026
|
|
||
| #### Troubleshooting | ||
|
|
||
| <Image img={require('../../img/okta_callback_url.png')} /> |
- Add screenshot showing Sign-in redirect URI configuration - Add screenshot showing Client Credentials location - Add screenshot showing Authorization Server Access Policy setup
- Replace screenshots with Scribe-annotated versions highlighting key areas - Add step-by-step screenshots for Authorization Server Access Policy setup - Remove old unannotated screenshots
ishaan-jaff
approved these changes
Feb 5, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Relevant issues
Addresses user feedback requesting detailed Okta Admin Console guidance for SSO setup.
Pre-Submission checklist
Please complete all items before asking a LiteLLM maintainer to review your PR
tests/litellm/directory, Adding at least 1 test is a hard requirement - see details - N/A (documentation only)make test-unit- N/A (documentation only)Type
📖 Documentation
Changes
Improved Okta SSO Documentation
The previous Okta SSO documentation only showed environment variables without explaining how to configure Okta itself. This PR adds:
no_matching_policyerror that is difficult to debugThe documentation follows a balanced approach: high-level steps with links to official Okta docs, while emphasizing the critical/non-obvious steps that users commonly miss.