Set up OIDC on Okta

Complete the steps below to configure OIDC on Okta. Start by adding an OpenID Connect application on Okta, then copy its values into the Prisma Cloud configuration.

  1. On the Okta Admin Console, select Applications > Applications.

  2. Click Create App Integration.

  3. Select Web application as the Application Type.

  4. Set Assignments / Controlled Access according to your organization’s policies and Save the application.

  5. Create the Prisma Cloud configuration using the values listed below:

    1. Client ID config element: Find this under General → Client Credentials. Use this value for Client ID.

    2. Client Secret config element: Generate a new Client Secret and use this value. Store it in a secrets manager rather than in a config file or ticket, note the expiration date, and schedule a rotation before it expires so logins do not break.

    3. Issuer config element: Use the "issuer" value from the response to https://<okta tenant>/.well-known/openid-configuration (where <okta tenant> is the .okta.com hostname of your Okta org). For the org authorization server this is https://<okta tenant>. The value must match the iss claim in Okta's ID tokens exactly (scheme, host, and no trailing slash), because the relying party rejects tokens whose issuer differs.

    4. Auth URI config element: Use the "authorization_endpoint" value from the same response. For the org authorization server this is https://<okta tenant>/oauth2/v1/authorize.

    5. Token URI config element: Use the "token_endpoint" value from the same response. For the org authorization server this is https://<okta tenant>/oauth2/v1/token.

    6. JWK Set URI config element: Use the "jwks_uri" value from the same response. For the org authorization server this is https://<okta tenant>/oauth2/v1/keys. Prisma Cloud fetches the signing keys from this URL, so it must be an https URL on the issuer's host; Okta rotates these keys automatically, which is why the URL is configured rather than a static key.

      All of these values come from a single document, https://<okta tenant>/.well-known/openid-configuration, so fetch it once and copy the values from there. If you use a custom Okta authorization server instead of the org authorization server, the issuer and the endpoint paths differ (they sit under /oauth2/<authorization server ID>/), so take the values from that server's own discovery document rather than the ones shown above.
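The following script is an added example, not part of the original page or of Prisma Cloud or Okta. It shows how a practitioner would pull the Issuer, Auth URI, Token URI and JWK Set URI from the discovery document and sanity-check them before pasting them into the Prisma Cloud configuration: every URL must be https, the issuer host must be the tenant you expected, and every endpoint (in particular jwks_uri) must live on the issuer's host. The discovery JSON embedded below is a constructed sample with the placeholder tenant example.okta.com; the function and variable names are the example's own.

```python
import json
from typing import Dict, List, Optional
from urllib.parse import urlparse
from urllib.request import urlopen

# Constructed sample of the JSON that https://<okta tenant>/.well-known/openid-configuration
# returns for the Okta org authorization server, trimmed to the keys used on this page.
# "example.okta.com" is a placeholder tenant, not a real org.
SAMPLE_DISCOVERY = json.dumps({
    "issuer": "https://example.okta.com",
    "authorization_endpoint": "https://example.okta.com/oauth2/v1/authorize",
    "token_endpoint": "https://example.okta.com/oauth2/v1/token",
    "jwks_uri": "https://example.okta.com/oauth2/v1/keys",
    "id_token_signing_alg_values_supported": ["RS256"],
})

# Constructed negative case: the same document, but jwks_uri points at a different host.
# Accepting it would let whoever controls that host mint ID tokens the relying party trusts.
TAMPERED_DISCOVERY = json.dumps({
    **json.loads(SAMPLE_DISCOVERY),
    "jwks_uri": "https://keys.attacker.example/oauth2/v1/keys",
})

# Prisma Cloud config element -> discovery document key, as listed in the steps above.
CONFIG_ELEMENTS = {
    "Issuer": "issuer",
    "Auth URI": "authorization_endpoint",
    "Token URI": "token_endpoint",
    "JWK Set URI": "jwks_uri",
}


def discovery_url(okta_tenant: str) -> str:
    """Discovery document URL for an Okta org, e.g. okta_tenant='example.okta.com'."""
    return f"https://{okta_tenant}/.well-known/openid-configuration"


def fetch_discovery(okta_tenant: str, timeout: float = 10.0) -> str:
    """Fetch the live discovery document (needs network; the offline sample above skips this)."""
    with urlopen(discovery_url(okta_tenant), timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def validate_discovery(discovery_json: str, expected_tenant: Optional[str] = None) -> List[str]:
    """Return a list of problems; an empty list means the values are safe to copy.

    Checks: all four keys present, every URL is https, the issuer host is the tenant you
    expected, every endpoint lives on the issuer's host, and RS256 is advertised for
    ID token signing. A foreign jwks_uri or token_endpoint is the classic way a swapped
    discovery document subverts an OIDC relying party.
    """
    doc = json.loads(discovery_json)
    problems: List[str] = []
    missing = [k for k in CONFIG_ELEMENTS.values() if k not in doc]
    if missing:
        return [f"missing keys: {missing}"]
    issuer = urlparse(doc["issuer"])
    if issuer.scheme != "https":
        problems.append(f"issuer is not https: {doc['issuer']}")
    if expected_tenant and issuer.hostname != expected_tenant:
        problems.append(f"issuer host {issuer.hostname!r} != expected tenant {expected_tenant!r}")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        u = urlparse(doc[key])
        if u.scheme != "https" or u.hostname != issuer.hostname:
            problems.append(f"{key} is not an https URL on the issuer host: {doc[key]}")
    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("issuer does not advertise RS256 for ID token signing")
    return problems


def extract_config(discovery_json: str, expected_tenant: Optional[str] = None) -> Dict[str, str]:
    """Map the discovery document onto the Prisma Cloud config elements, refusing bad documents."""
    problems = validate_discovery(discovery_json, expected_tenant)
    if problems:
        raise ValueError("; ".join(problems))
    doc = json.loads(discovery_json)
    return {element: doc[key] for element, key in CONFIG_ELEMENTS.items()}


if __name__ == "__main__":
    # Offline run against the constructed sample; swap in fetch_discovery("<okta tenant>")
    # to check your real org before filling in the Prisma Cloud form.
    for element, value in extract_config(SAMPLE_DISCOVERY, "example.okta.com").items():
        print(f"{element}: {value}")
```

Run it as-is to see the four values derived from the sample, or replace SAMPLE_DISCOVERY with fetch_discovery("<okta tenant>") to check a live org. The host check is deliberately strict: Okta's org authorization server serves all four URLs from the same hostname, so any endpoint on another host means you are reading the wrong document or a tampered one.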