Okta IDP

The Okta IDP integration configures Incode as the authenticator and Identity Provider (IdP) for your Okta organization. This is distinct from the Okta IDV Standard integration, which uses Okta's built-in IDV Standard. The IDP path gives you broader control over how Incode is wired into Okta: as an OIDC-based authenticator, as a full SSO provider, or both.

This integration is commonly used when you want Incode biometric verification to function as an MFA factor within Okta authentication and enrollment policies, rather than as a separate identity verification step triggered by Okta's IDV Standard.


Prerequisites

Ensure you have the following before you begin:

  • Access to the Integrations page in Dashboard. Contact your Incode Representative if you do not see it.
  • An Okta Identity Engine (OIE) instance.
  • An Okta administrator account with permissions to add and modify Identity Providers, Authenticators, and Authentication Policies.

Understand Okta IDP

The IDP integration uses an OIDC Identity Provider configured in Okta, backed by Incode. When a user is required to authenticate with the Incode factor, Okta redirects them to an Incode verification session through the OIDC flow. After the session completes, Incode returns a signed token to Okta to confirm the result.

After the OIDC IDP is set up, you create an Okta Authenticator that wraps it, then reference that authenticator in your Enrollment and Authentication Policies to control when and for which users Incode verification is required.
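The signed token mentioned above is only trustworthy once the receiving side has validated it. The following added example (not Incode or Okta code) sketches the generic OIDC relying-party checks on such a token: pinned algorithm, signature, issuer, audience, nonce and expiry. Assumptions: the issuer URL, client ID, key and function names are constructed, and HMAC-SHA256 stands in for the asymmetric signature and published keys an OIDC provider would normally use.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for illustration; not real Incode or Okta settings.
ISSUER = "https://idp.example.test"
CLIENT_ID = "constructed-okta-client-id"
DEMO_KEY = b"constructed-demo-key"  # HS256 stand-in for the IdP's signing key


def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()


def issue_token(claims: dict, key: bytes = DEMO_KEY) -> str:
    """IdP side: sign the claims as a compact JWS."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    signing_input = f"{head}.{body}"
    return f"{signing_input}.{b64e(sign(signing_input, key))}"


def verify_token(token: str, nonce: str, now: float, key: bytes = DEMO_KEY) -> dict:
    """Relying-party side: return the claims only if every check passes."""
    head, body, sig = token.split(".")  # ValueError unless exactly 3 parts
    header = json.loads(b64d(head))
    # Pin the algorithm; the token must not choose it (rejects "alg": "none").
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sign(f"{head}.{body}", key), b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    if claims.get("aud") != CLIENT_ID:  # aud as a single string in this demo
        raise ValueError("wrong audience")
    if claims.get("nonce") != nonce:  # binds the token to this login attempt
        raise ValueError("nonce mismatch")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("expired")
    return claims
```

The nonce and audience checks are what stop a validly signed token from another session or another client being accepted as the result of this authentication.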


Okta Environment Compatibility

Okta offers two environments with slightly different configuration paths. Use the page for your environment:

If you are unsure which environment your organization uses, check your Okta Admin Console. OIE instances show “Identity Engine” in the footer.


What's Next

After completing authenticator setup, you can also: