IDaaS mode provides a way for OneLogin, Okta, or the customer's own IDaaS provider integration, which needs to support the grant type "password" in OIDC application.



Before Joining


For OneLogin and Okta

Fill out the "Client Domain", "Client Id", "Client Secret", "LDAP Bind DN Password" and "Client Region" (OneLogin only) fields, then click the "Switch To This Mode" button.


The available options are:

  • Client Domain - Your OneLogin or Okta domain.
  • Client ID - Login credentials from OneLogin or Okta.
  • Client Secret - The password for the Client ID login.
  • Client Region - OneLogin only.  Enter "us" or "eu".
  • Allow Web Access For - The users are allowed to access the Team Portal. The four options are "All OneLogin/Okta Users", "Users explicitly imported", "Users in specified groups", and "Disallow all users".


For Customer's Own IDaaS Provider

Fill out the "Provider Info", "Client Info" and "Credential" fields, then click the "Switch To This Mode" button.

The available options are:

  • Provider name - The name of the IDaaS provider that the user can self-defined input.
  • Metadata Address - The metadata Address of the IDaaS provider, which needs to support the grant type "password".
  • Client ID - The Client ID of the IDaaS provider that enables the OIDC application.
  • Client Secret - The Client Secret of the IDaaS provider that enables the OIDC application. 
  • User Name - An available user's name from your IDaaS provider.
  • Password - The password of the IDaaS provider's available user.
  • Allow Web Access For - The users are allowed to access the Team Portal. The three options are "All Generic Users", "Users in specified groups", and "Disallow all users".


After Joining


After successfully joined to the IDaaS - OneLogin / Okta / Generic mode, the Authentication pages will be similarly shown as the picture below.


The difference on the Authentication page between the different IDaaS providers is the "Sync From..." button.

  • For IDaaS - OneLogin and Generic modes, the button is "Sync Users Info From OneLogin/Generic": Synchronize the information of users in your Morro account with your OneLogin / your own IDaaS provider account. (It is not supported to import groups from OneLogin and your own IDaaS provider to the Morro account).
  • For IDaaS Okta mode, the button is  "Sync Groups/Users Info From Okta": Synchronize the information of users/groups in your Morro account with your Okta account.



For more information on configuring your OneLogin or Okta account for use with Morro Data, see the following articles:


OneLogin Integration (IDaaS Mode)

Okta Integration (IDaaS Mode)

Generic IDaaS Integration (IDaaS Mode)