First, in your Okta account, create a new Application. Go to Applications, and click ‘Add Application’ ok-ent1 Then click ‘Create New App’ ok-ent2 As the application integration type, select OpenID Connect. ok-ent3 Name the application, and in the field Login redirect URI’s, put your authorization domain /cdn-cgi/access/callback. Click Save. ok-ent4 Then Okta will show you your completed Application. Scroll down to the OpenID Connect Token section and click Edit. ok-ent5 In the groups claim field, switch ‘Starts With’ to ‘Regex’ and set it equal to .* ok-ent6 Click Save. Now select the General tab. Scroll down to copy your Client ID and Client Secret from the Okta dashboard. Paste them into the respective fields to the left of these instructions. ok-ent7 ok-ent8 In the Okta dashboard, click on Assignments for the Application. ok-ent9 Now you can use the Cloudflare dashboard and specify which Okta groups and users should be allowed or denied access. ok-ent10 ok-ent11 ok-ent12 Now Click on “Save and Test” on the Cloudflare dashboard to make sure your connection to the identity provider is successful. ok-ent13