---
title: "Set up Okta OpenID Connect authentication"
slug: "set-up-okta-openid-connect-authentication"
updated: 2026-01-08T11:42:20Z
published: 2026-01-08T11:42:20Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://help.gong.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Set up Okta OpenID Connect authentication

> **Who can use this**: Tech admin
> 
> **Available on**: Any Gong plan

> **Where to go:**Admin center > Settings > Authentication

OpenID Connect is the preferred authentication protocol for Gong because it is more user-friendly and secure than other methods.

We currently support SP-initiated and IDP-initiated SSO. For more information on the listed features, refer to the [Okta Glossary](https://help.okta.com/en/prod/Content/Topics/Reference/glossary.htm).

If you are using Okta OpenID Connect authentication, make sure anyone using the [Gong mobile app](/v1/docs/intro-to-the-gong-mobile-app) downloads the latest app version to sign in with OpenID Connect.

## **Setup**

You must be an admin in Okta and a technical admin in Gong to set up Okta OpenID Connect authentication

### **Step 1: Set up Gong in Okta**

1. Log in to your Okta Admin account.
2. Click **Admin**, and then **Applications**.

![Okta_create_app_integration](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885935080333.png)
3. Click **Create App Integration**.

![Okta_create_app_integration2](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885955000077.png)
4. Select **OIDC - OpenID Connect** as the **Sign-in method.**
5. Select **Web Applications** as the **Application Type**.
6. In the **Trusted Origins** and **Assignments** sections that follow, there are no configuration requirements. Define as needed.
7. Click **Next**.

![Okta_new_web_app_integration](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885950779021.png)
8. In **General Settings**, **App integration name** field, give the app a name, for example, Gong via OIDC, and add a logo if needed.
9. In the **Grant Type** section, select the **Refresh Token** and **Implicit Hybrid** checkboxes.
10. In the **Sign-in redirect URIs** field, enter: [https://app.gong.io/welcome/okta/oidc/login_callback](https://app.gong.io/welcome/okta/oidc/login_callback)
11. In the **Sign-out redirect URIs** field, enter: [https://app.gong.io/logout](https://app.gong.io/logout)
12. Click **Save**. You have now created an OIDC custom Okta app. Continue by configuring the app and assigning users to it.
13. Go to the **LOGIN** in the **General** tab.

![Okta_login](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885935639821.png)
14. The **Sign-in** and **Sign-out redirect URIs** are pre-populated based on the information you added in the **General Settings**.
15. For **Login initiated by**, select **Either Okta or App**.
16. For **Application visibility**, select what makes sense for your organization.
17. For **Login flow**, select **Redirect to app to initiate login (OIDC Compliant)**.
18. For **Initiate login URI**, enter: [https://app.gong.io/welcome/okta/oidc/login](https://app.gong.io/welcome/okta/oidc/login)
19. Click **Save**.
20. Make a note of the Client ID and Client secret provided.

![Okta_client_credentials](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885941168397.png)
21. Click the **Sign On** tab and go to the **Open ID Connect ID Token** section.

![Okta_openID_connect_token](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885955560845.png)
22. Make a note of the **Issuer** URL. The URL usually appears in the following format: https://mycopmany.okta.com.
23. Click the **Assignments** tab.

![Okta_assignments](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885941627661.png)
24. Assign users and/or groups that should have access to Gong. Make sure that the email addresses you use in Okta match those used in Gong.

### **Step 2: Set up Okta OpenID Connect in Gong**

1. In Gong, click **Admin center > Settings** tab > **Company**> **Authentication**.

![Okta_additional_authentication_providers](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885951763085.png)
2. In the **Additional authentication providers** area, select **Okta OpenID Connect**.
3. Enter the **Client ID**, **Client Secret** and **Authentication URL** that you got when setting up Gong in Okta.

The authentication URL is the Issuer URL, i.e. the unique resource location of the issuing entity.
4. If you also want to set any other sign-in methods, choose any of the other available methods. See [Set log in method](/v1/docs/set-sign-in-method) for more info.
5. Click **Update**.

Your users can now sign in to Gong using the Okta sign-in method in the **Welcome to Gong** sign-in screen.

### **Sign in to Gong using Okta OpenID Connect authentication**

When signing in to Gong, your users should do the following:

1. In the **Welcome to Gong** screen, enter the email address associated with your Gong account in Okta.

![Welcome_to_Gong](https://cdn.us.document360.io/2837c190-3ec8-4120-9116-6d427e774667/Images/Documentation/24885941930253.png)
2. Click **Sign in with Okta** on the page that follows.

A team member who manages and configures the Gong platform and handles CRM integrations, user provisioning, permissions, and system settings. [Find my Tech admin](/v1/docs/find-your-technical-or-business-admin).

Access to this feature depends on your [assigned seat](/v1/docs/plans-and-seats).