Set up Okta OpenID Connect authentication

OpenID Connect is the preferred authentication protocol for Gong because it is more user-friendly and secure than other methods.

We currently support SP-initiated and IDP-initiated SSO. For more information on the listed features, refer to the Okta Glossary.

If you are using Okta OpenID Connect authentication, make sure anyone using the Gong mobile app downloads the latest app version to sign in with OpenID Connect.

Setup

You must be an admin in Okta and a technical admin in Gong to set up Okta OpenID Connect authentication

Step 1: Set up Gong in Okta

1. Log in to your Okta Admin account.

2. Click Admin, and then Applications.

    

3. Click Create App Integration.

    

4. Select OIDC - OpenID Connect as the Sign-in method.

5. Select Web Applications as the Application Type.

6. In the Trusted Origins and Assignments sections that follow, there are no configuration requirements. Define as needed.

7. Click Next.

    

8. In General Settings, App integration name field, give the app a name, for example, Gong via OIDC, and add a logo if needed.

9. In the Grant Type section, select the Refresh Token and Implicit Hybrid checkboxes.

10. In the Sign-in redirect URIs field, enter: https://app.gong.io/welcome/okta/oidc/login_callback

11. In the Sign-out redirect URIs field, enter: https://app.gong.io/logout

12. Click Save. You have now created an OIDC custom Okta app. Continue by configuring the app and assigning users to it.

13. Go to the LOGIN in the General tab.

     

14. The Sign-in and Sign-out redirect URIs are pre-populated based on the information you added in the General Settings.

15. For Login initiated by, select Either Okta or App.

16. For Application visibility, select what makes sense for your organization.

17. For Login flow, select Redirect to app to initiate login (OIDC Compliant).

18. For Initiate login URI, enter: https://app.gong.io/welcome/okta/oidc/login

19. Click Save.

20. Make a note of the Client ID and Client secret provided.

     

21. Click the Sign On tab and go to the Open ID Connect ID Token section.

     

22. Make a note of the Issuer URL. The URL usually appears in the following format: https://mycopmany.okta.com.

23. Click the Assignments tab.

     

24. Assign users and/or groups that should have access to Gong. Make sure that the email addresses you use in Okta match those used in Gong.

Step 2: Set up Okta OpenID Connect in Gong

1. In Gong, click Company settings > Authentication.

    

2. In the Additional authentication providers area, select Okta OpenID Connect.

3. Enter the Client ID, Client Secret and Authentication URL that you got when setting up Gong in Okta.

   The authentication URL is the Issuer URL, i.e. the unique resource location of the issuing entity.

4. If you also want to set any other sign-in methods, choose any of the other available methods. See Set log in method for more info.

5. Click Update.

   Your users can now sign in to Gong using the Okta sign-in method in the Welcome to Gong sign-in screen.

Sign in to Gong using Okta OpenID Connect authentication

When signing in to Gong, your users should do the following:

1. In the Welcome to Gong screen, enter the email address associated with your Gong account in Okta.

    

2. Click Sign in with Okta on the page that follows.