Demo: Social Authentication (via Facebook)

Speaker 1: To set up social authentication with Facebook and Okta, you have to make a few changes on both sides to establish a mutual trust relationship.

Speaker 1: We'll start on the Okta side. The fastest way is to use our identity provider wizard to set up Facebook in just a few clicks. The default settings are sufficient for everything except the Facebook app configuration. By default, we'll match an Okta username to a Facebook username, but we can also match based on email address. To help you set up the required app, we have a handy guide available here.

Speaker 1: When I visit Developers.Facebook.com I'm already logged in, so now I can create my application. The default configuration is sufficient, so now I need to just copy my app ID and app secret. If you're familiar with Oauth and Openid Connect, these are equivalent client ID and client secret.

Speaker 1: Now we go back to Okta, save and we get back a pair of URLs. We'll grab the second one and update our Facebook app with it. What we've just done is set up a handshake between Okta and Facebook. When a user visits the Okta login page, they can select Facebook and Okta will add the scopes it requires, like email on profile. Once a user authenticates, the Facebook app handles passing the user back to Okta with the required information and the accounts are connected. This may seem like quite a few steps, but an administrator only has to do this once. The users will never see anything we've done so far.

Speaker 1: On the user facing side we'll take the default Okta sign in widget and add a couple things. First, we need to add Facebook as a log in option. Second, we need to add Openid Connect as the client configuration. And now we go back to our sign in widget. With just those two configuration changes. This default page has now become this. Now we can click the sign in with Facebook button and get rolling immediately. Alternatively, instead of using the sign in widget, you could use our APIs to accomplish the same thing.