Mobb User Docs
Connecting Okta to Mobb


Last updated 3 days ago


This guide explains how to integrate your organization’s Okta identity provider with Mobb. This allows your users to seamlessly sign in to Mobb using Okta SSO (Single Sign-On).

Step 1: Create an App Integration in Okta

  1. Sign in to your Okta Admin Console.

  2. Navigate to Applications > Applications.

  3. Click Create App Integration.

  4. For Sign-in method, select OIDC - OpenID Connect.

  5. For Application type, choose Web Application.

  6. Click Next.

Step 2: Configure the Application

  1. App Name: Enter a descriptive name such as Mobb Okta Workspace.

  2. Sign-in redirect URIs:

    https://auth.mobb.ai/login/callback
  3. Sign-out redirect URIs:

    https://app.mobb.ai/
  4. Assignments: Define which users or groups can access the app. You may assign all users or select specific groups.

  5. Click Save.
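
The settings from Steps 1 and 2 can be verified afterwards against the app's JSON definition. This is an added example, not part of Mobb's or Okta's documentation; it assumes the field names of the JSON returned by Okta's Apps API (`GET /api/v1/apps/{appId}`), and the function name `audit_okta_app` and the sample data are constructed for illustration.

```python
# Added example: audit an Okta OIDC app definition against Steps 1 and 2.
# Assumption: field names follow the JSON returned by Okta's Apps API.

EXPECTED_REDIRECTS = {"https://auth.mobb.ai/login/callback"}
EXPECTED_LOGOUT = {"https://app.mobb.ai/"}


def audit_okta_app(app: dict) -> list:
    """Return a list of findings; an empty list means the app matches the guide."""
    findings = []
    oauth = app.get("settings", {}).get("oauthClient", {})

    if app.get("signOnMode") != "OPENID_CONNECT":
        findings.append("sign-in method is not OIDC - OpenID Connect")
    if oauth.get("application_type") != "web":
        findings.append("application type is not Web Application")

    # URIs are compared exactly: any extra entry widens where Okta will
    # deliver responses, and a missing trailing slash is a different URI.
    for field, expected in (("redirect_uris", EXPECTED_REDIRECTS),
                            ("post_logout_redirect_uris", EXPECTED_LOGOUT)):
        actual = set(oauth.get(field, []))
        for uri in sorted(expected - actual):
            findings.append(f"{field}: missing {uri}")
        for uri in sorted(actual - expected):
            findings.append(f"{field}: unexpected {uri}")
    return findings


# Constructed sample inputs (not real tenant data).
GOOD_APP = {
    "signOnMode": "OPENID_CONNECT",
    "settings": {"oauthClient": {
        "application_type": "web",
        "redirect_uris": ["https://auth.mobb.ai/login/callback"],
        "post_logout_redirect_uris": ["https://app.mobb.ai/"]}},
}
BAD_APP = {
    "signOnMode": "OPENID_CONNECT",
    "settings": {"oauthClient": {
        "application_type": "browser",
        "redirect_uris": ["https://auth.mobb.ai/login/callback",
                          "http://localhost:8080/callback"],
        "post_logout_redirect_uris": ["https://app.mobb.ai"]}},
}

if __name__ == "__main__":
    for name, app in (("good", GOOD_APP), ("bad", BAD_APP)):
        print(name, audit_okta_app(app) or "OK")
```
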

Step 3: Grant API Permissions

Ensure the following API scopes are enabled in your Okta environment:

  • okta.apps.manage

  • okta.apps.read

  • okta.groups.read

  • okta.idps.read

  • okta.users.read

These permissions may be configured under: Security > API > Trusted Origins or Access Policies, depending on your Okta setup.

Step 4: Gather the Required Information to Send to Mobb

In your Okta application, collect the following information:

  • Client ID

  • Client Secret

  • Okta Domain (e.g., dev-123456.okta.com)

  • Company Email Domain(s) (e.g., @yourcompany.com)

This information can be found in the application, under the General tab.

Step 5: Open a ticket with Mobb

Open a ticket at the Mobb Support Portal with the subject:

Okta SSO Onboarding

Please include the Client ID, Client Secret, Okta Domain and Company Email Domains collected earlier.

This information allows Mobb to link your Okta environment to your users' email addresses and route authentication requests correctly.

We will reach out to you to confirm once Okta is fully ready to go. Once confirmed, you can start inviting users as described in the user management guide.