
Okta integration for Optimizely CMS

Instructions for integrating Okta into an Optimizely CMS web app. By following these steps, you can seamlessly integrate Okta's authentication and authorization features into your Optimizely CMS web app.


To integrate Okta into your Optimizely CMS web app, follow these steps:

Install NuGet packages

Install the following NuGet package in your project:

  • Okta.AspNetCore

Add credentials

In the appsettings.json file, add the following configuration:

  "Okta": {
    "OktaDomain": "https://<your-domain>",
    "ClientId": "<client-id>",
    "ClientSecret": "<client-secret>",
    "AuthorizationServerId": "<authentication-server-id>"
  }


In the Startup.cs file, include the following code:

using System.Collections.Generic;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Logging;
using Okta.AspNetCore;

public class Startup
{
  private readonly IWebHostEnvironment _webHostEnvironment;
  private readonly IConfiguration _configuration;

  public Startup(
      IWebHostEnvironment webHostEnvironment,
      IConfiguration configuration)
  {
      _webHostEnvironment = webHostEnvironment;
      _configuration = configuration;
  }

  public void ConfigureServices(IServiceCollection services)
  {
    if (_webHostEnvironment.IsDevelopment())
    {
      // Write Personally Identifiable Information (PII) to the log (development only)
      IdentityModelEventSource.ShowPII = true;
    }

    services
      .AddAuthentication(o =>
      {
        // Keep the session in a cookie; challenge unauthenticated users through OpenID Connect
        o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
        o.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
      })
      .AddOktaMvc(new OktaMvcOptions
      {
        // Values are read from the "Okta" section added to appsettings.json
        OktaDomain = _configuration["Okta:OktaDomain"],
        ClientId = _configuration["Okta:ClientId"],
        ClientSecret = _configuration["Okta:ClientSecret"],
        AuthorizationServerId = _configuration["Okta:AuthorizationServerId"],
        Scope = new List<string> { "openid", "profile", "email" },
      });
  }
}
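
A startup check for the Okta settings above, as an added example that is not part of the original page or of Okta's or Optimizely's code. `OktaSettingsGuard` is a hypothetical helper; it assumes the `Okta` section keys shown earlier and that the appsettings files are registered directly on the configuration root, as the default host builder does. Call `OktaSettingsGuard.Check(_configuration, _webHostEnvironment.IsDevelopment())` at the top of `ConfigureServices` and stop startup if it returns any problems.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Extensions.Configuration;

// Hypothetical helper (not part of Okta.AspNetCore or Optimizely CMS).
public static class OktaSettingsGuard
{
    private static readonly string[] Keys =
        { "OktaDomain", "ClientId", "ClientSecret", "AuthorizationServerId" };

    // Returns a list of problems; an empty list means the settings look usable.
    public static IReadOnlyList<string> Check(IConfiguration configuration, bool isDevelopment)
    {
        var problems = new List<string>();
        foreach (var key in Keys)
        {
            var value = configuration[$"Okta:{key}"];
            if (string.IsNullOrWhiteSpace(value))
                problems.Add($"Okta:{key} is missing.");
            else if (value.Contains('<') || value.Contains('>'))
                problems.Add($"Okta:{key} still holds a template placeholder.");
        }

        // The OIDC metadata and token endpoints must be reached over TLS.
        if (!Uri.TryCreate(configuration["Okta:OktaDomain"], UriKind.Absolute, out var domain)
            || domain.Scheme != Uri.UriSchemeHttps)
            problems.Add("Okta:OktaDomain must be an absolute https:// URL.");

        // Outside Development, the secret should come from an environment variable
        // or a secret store rather than from an appsettings*.json file in the repository.
        if (!isDevelopment && configuration is IConfigurationRoot root)
        {
            // Later providers override earlier ones, so search from the end.
            var source = root.Providers.Reverse()
                .FirstOrDefault(p => p.TryGet("Okta:ClientSecret", out _));
            if (source is FileConfigurationProvider file
                && (file.Source.Path ?? "").StartsWith("appsettings", StringComparison.OrdinalIgnoreCase))
                problems.Add($"Okta:ClientSecret is read from {file.Source.Path}.");
        }
        return problems;
    }
}
```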


To protect a specific controller/action, decorate it with the following code:

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

[Authorize]
public class UserController : Controller {
}

Use Optimizely CMS roles for Authorization

Install the EPiServer.CMS.UI.AspNetIdentity NuGet package.

In the Startup.cs file, add the following configuration:

// Remove AddCmsAspNetIdentity<ApplicationUser>() if there is any