Docs / Install

Setting up Okta to work with Tailscale

Unlike GSuite and Office365 authentication, which can be activated automatically during a Tailscale trial, you will have to contact us to enable your domain for Okta authentication. We are actively working to make this process more automated. In the meantime, here are the steps you’ll need to follow.

  1. In the Okta admin console, go to the Applications tab.

    • Click Create New App
  2. Select:

    • Platform: Web
    • Signon method: OpenID Connect
  3. On the Create OpenID Connection Integration page, enter:

  4. In General Settings:

    • Click Edit
  5. Under Allowed grant types / Client acting on behalf of a user:

    • Enable Refresh Token
  6. When done, fill out the OpenID Connect SSO Provider Request form.

After you send us your Okta app information, note that it may take up to two business days to activate your domain.

Last updated