Prerequisites
- A Super Admin or Org Admin role in your Okta workspace. Trusted Origins fall under “Edit Okta Settings”, which only those roles can change.
- The Corsa region your workspace runs in (US or EU). Redirect and trusted-origin values differ per region.
Setting up the integration
Step 1: Create an OIDC Web Application
- Sign in to the Okta Admin Console.
- Go to Applications → Applications.
- Click Create App Integration.
- Choose:
- Sign-in method: OIDC - OpenID Connect
- Application type: Web Application
- Click Next.
Step 2: Configure the application
On the New Web App Integration screen:-
App integration name: any descriptive name (for example,
Corsa). - Grant type: keep the default Authorization Code.
-
Sign-in redirect URIs: add the Corsa callback URL for your region.
US workspace:
EU workspace:These callback URLs use the
tweed-compliancedomain — this is Corsa’s Auth0 tenant. Enter the URL exactly as shown. - Sign-out redirect URIs: leave empty unless your org requires one.
- Assignments → Controlled access: choose who should be able to sign in to Corsa through Okta (typically a specific group, or everyone in your org).
Step 3: Add Corsa as a Trusted Origin
Trusted Origins are configured separately from the app, under Security.- In the Admin Console, go to Security → API.
- Open the Trusted Origins tab.
- Click Add Origin.
- Enter:
- Name:
Corsa. - Origin URL: the Corsa app URL for your region, including the
https://scheme:- US workspace:
https://app.corsa.finance - EU workspace:
https://app.eu.corsa.finance
- US workspace:
- Type: select both CORS and Redirect.
- Name:
- Click Save.
Step 4: Share your credentials with Corsa
From the application’s General tab, copy the values under Client Credentials and send them to the Corsa team along with your Okta domain:- Client ID
- Client Secret
- Okta domain (for example,
your-org.okta.com)