First, in your Okta account, create a new Application. Go to Applications, and click ‘Add Application’.
Then click ‘Create New App’.
As the application integration type, select OpenID Connect.
Name the application, and in the Login redirect URIs field, enter your authorization domain followed by /cdn-cgi/access/callback. Click Save.
Then Okta will show you your completed Application.
Scroll down to the OpenID Connect Token section and click Edit.
In the groups claim field, switch ‘Starts With’ to ‘Regex’ and set it equal to .*
Now select the General tab. Scroll down to copy your Client ID and Client Secret from the Okta dashboard. Paste them into the respective fields to the left of these instructions.
In the Okta dashboard, click on Assignments for the Application.
Now you can use the Cloudflare dashboard and specify which Okta groups and users should be allowed or denied access.
Now click on “Save and Test” on the Cloudflare dashboard to make sure your connection to the identity provider is successful.
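
To check the groups claim configured in the OpenID Connect Token step before relying on group-based rules, the following added example (not part of the original instructions, and not Okta's or Cloudflare's code) decodes an ID token from a test login and compares its groups with the groups your rules name. The claim name `groups`, the group names and the sample token are constructed assumptions; the payload is decoded without signature verification, so this is for inspection only.

```python
import base64
import json


def b64url_decode(segment):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def read_claims(id_token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three segments")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def audit_groups(id_token, policy_groups, claim="groups"):
    """Compare the token's groups claim with the groups named in access rules."""
    value = read_claims(id_token).get(claim)
    if value is None:
        return {"present": False, "missing": sorted(policy_groups), "extra": []}
    sent = {value} if isinstance(value, str) else set(value)
    return {
        "present": True,
        # Rule groups the token never carries: those rules can never match.
        "missing": sorted(set(policy_groups) - sent),
        # Groups released by the .* filter that no rule uses.
        "extra": sorted(sent - set(policy_groups)),
    }


def make_sample_token(claims):
    # Constructed, unsigned sample token so the example runs offline.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])


if __name__ == "__main__":
    token = make_sample_token({"sub": "00u-constructed", "groups": ["Everyone", "Engineering"]})
    print(audit_groups(token, {"Engineering", "Finance-Admins"}))
    print(audit_groups(make_sample_token({"sub": "00u-constructed"}), {"Engineering"}))
```

A result with `present` set to false means the groups claim is not reaching the token, so the claim filter should be rechecked before any group rule is trusted.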