Setting up Okta

To setup your GitBook site with authenticated access using Okta, the process looks as follows:

Create a new Okta application

First, sign in to Okta platform (the admin version) and create a new app integration (or use an existing one) by clicking the Applications button in the left sidebar.

Click Create App Integration and select OIDC - OpenID Connect as the Sign-In method. And then select Web Application as the application type.

Name it appropriately and don't edit any other setting on that page. For assignments, choose the appropriate checkbox. Click Save.

On the next screen, copy Client ID and Client Secret. Copy the Okta Domain right below your email address by clicking the dropdown in the top right.

We will need these values to configure the Okta Integration.

Install and configure the Okta integration

Navigate to the Integrations tab in the site you want to publish and locate the Okta integration or navigate directly to this https://app.gitbook.com/integrations/VA-Okta.

Install the integration on your site.

Upon installation on site, you will see a screen asking you enter the Client ID, Okta Domain, and Client Secret.

For Client ID, Okta Domain (remove https://prefix, if any) and Client Secret, paste in the value you copied from Okta Dashboard.

Click Save.

Copy the URL displayed in the modal and enter it as a Sign-In redirect URI in Okta (as shown in the below screenshot). Hit Save.

Now, in GitBook, close the integrations modal and click on the Manage site button. Navigate to Audience, select Authenticated access, and choose Okta as the backend. Then, click Update audience. Go to the site’s screen and click Publish. The site is now published behind authenticated access controlled by your Auth0 application. To try it out, click on Visit. You will be asked to sign in with Okta, which confirms that your site is published behind authenticated access using Auth0.

Configure Okta for adaptive content (optional)

To enable Adaptive Content in your GitBook site with authenticated access, you’ll need to configure your Okta application to include relevant user data as claims in the authentication token.

Claims are key-value pairs embedded in the token sent to GitBook. These claims can be used to dynamically tailor documentation based on the user’s role, plan, location, or any other identifying attribute.

Okta supports multiple types of claims:

• Standard Claims These are common claims (like email, name, or groups) that may be included by default but often need to be explicitly added to your token configuration for consistent availability.

• Custom Claims You can define custom claims in Okta using custom user attributes or expression-based logic. These allow you to pass highly specific values—like plan tier, account ID, or internal team flags.

• Groups as Claims You can also pass Okta groups as claims, which is especially useful when defining audience segments like “enterprise users” or “beta testers.” These can be filtered and mapped in your authorization server’s claim configuration.

To add or customize claims in Okta:

1. Open your Okta Admin Console.

2. Navigate to Security > API > Authorization Servers.

3. Edit the authorization server used for your GitBook site.

4. Under the Claims tab, add rules to include the desired claims in the token.

5. Make sure your GitBook site is reading and mapping those claims correctly.

Once claims are being passed into GitBook, follow the steps in Adapting your content to define what content should be shown to whom.