# OIDC: Okta Configuration

> This document provides instructions for creating an application within Okta for compatibility with BloodHound Enterprise.

export const IDPIntro = ({auth_mode}) => {
  const mode = (auth_mode || '').toUpperCase();
  const isOIDC = mode === 'OIDC';
  const href = isOIDC ? '/manage-bloodhound/auth/oidc' : '/manage-bloodhound/auth/saml';
  const label = isOIDC ? 'OIDC' : 'SAML';
  return <Tip>
      See <a href={href}>{label} in BloodHound</a> for order of operations, general {label} setup, and user configuration in BloodHound.
    </Tip>;
};

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

<IDPIntro auth_mode="OIDC" />

## Create an Okta application

To create an Okta application for BloodHound, complete the following steps:

<Steps>
  <Step title="Create a new Okta application">
    Follow the [Okta documentation](https://help.okta.com/oie/en-us/content/topics/apps/apps_app_integration_wizard_oidc.htm) to create a new application.

    <Note>Set your application type to **Native**.</Note>
  </Step>

  <Step title="Configure the Okta application">
    When configuring the Okta application, use the following settings:

    | Field               | Value                                                                                                                                                          |
    | ------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
    | **Login redirect**  | `https://{domainname}/api/v2/sso/{chosenProviderName}/callback`<br /><br />**Example**: `https://test.bloodhoundenterprise.io/api/v2/sso/bhestandard/callback` |
    | **Logout redirect** | `https://{domainname}/`<br /><br />**Example**: `https://test.bloodhoundenterprise.io/`                                                                        |

    <Tip>
      Note the following values:

      * **Client ID**
      * **Issuer URL**

      You'll use the **Client ID** from the Okta *Client Credentials* and the **Issuer URL** from the Okta *Authorization Server* when you [configure BloodHound](/manage-bloodhound/auth/oidc#configure-bloodhound).
    </Tip>
  </Step>

  <Step title="Create custom claims">
    If you want to map additional user attributes (first name, last name, role) from Okta to BloodHound, you must create [custom claims](https://help.okta.com/oie/en-us/content/topics/apps/federated-claims-overview.htm) in Okta.

    Go to **Security** > **API** > **Authorization Servers** > **Claims** and create the following claims:

    <Tabs>
      <Tab title="First name">
        | Field                     | Setting                |
        | ------------------------- | ---------------------- |
        | **Name**                  | first\_name            |
        | **Include in token type** | ID Token → Always      |
        | **Value type**            | Expression             |
        | **Value**                 | `user.firstName`       |
        | **Include in**            | Any scope (or Profile) |
      </Tab>

      <Tab title="Last name">
        | Field                     | Setting                |
        | ------------------------- | ---------------------- |
        | **Name**                  | last\_name             |
        | **Include in token type** | ID Token → Always      |
        | **Value type**            | Expression             |
        | **Value**                 | `user.lastName`        |
        | **Include in**            | Any scope (or Profile) |
      </Tab>

      <Tab title="Role">
        | Field                     | Setting                |
        | ------------------------- | ---------------------- |
        | **Name**                  | roles                  |
        | **Include in token type** | ID Token → Always      |
        | **Value type**            | Groups                 |
        | **Filter**                | Starts with → `bh-`    |
        | **Include in**            | Any scope (or Profile) |
      </Tab>
    </Tabs>
  </Step>
</Steps>
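Once the claims above exist, it helps to confirm that an ID token issued by Okta actually carries them before pointing BloodHound at the provider. The following script is an added example, not part of the BloodHound project or the Okta documentation: it decodes a token payload (without signature verification, for inspection only) and reports the setup mistakes this page's settings are meant to prevent. The Issuer URL and Client ID it uses are placeholders, and the sample tokens are constructed.

```python
import base64
import json

# Claims this page has you create in Okta, and the group-name filter on "roles".
EXPECTED_CLAIMS = ("first_name", "last_name", "roles")
ROLE_PREFIX = "bh-"
ISSUER_URL = "https://example.okta.com/oauth2/default"  # placeholder, not a real tenant
CLIENT_ID = "0oaEXAMPLECLIENTID"  # placeholder

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_unsigned_token(payload: dict) -> str:
    """Build a constructed, unsigned (alg=none) ID token to exercise the checks."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(payload).encode())}."

def decode_jwt_payload(token: str) -> dict:
    """Return the payload of a JWT without verifying its signature. Inspection
    only: BloodHound validates signatures against the issuer's keys itself."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected 3 dot-separated parts")
    body = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(body))

def check_id_token_claims(token: str, issuer_url: str, client_id: str) -> list:
    """Return the setup problems found in an Okta ID token's claims."""
    p = decode_jwt_payload(token)
    problems = []
    if p.get("iss") != issuer_url:
        problems.append("iss does not match the Issuer URL")
    aud = p.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud does not include the Client ID")
    problems += [f"custom claim {c!r} missing" for c in EXPECTED_CLAIMS if c not in p]
    roles = p.get("roles", [])
    if not isinstance(roles, list):
        problems.append("roles should be a list of groups (Value type = Groups)")
    elif [r for r in roles if not r.startswith(ROLE_PREFIX)]:
        problems.append(f"roles has groups outside the {ROLE_PREFIX!r} filter")
    elif "roles" in p and not roles:
        problems.append("roles is empty: no BloodHound role will be assigned")
    return problems

# Constructed samples: one correctly configured token, one with common mistakes.
GOOD_TOKEN = make_unsigned_token({"iss": ISSUER_URL, "aud": CLIENT_ID, "sub": "jdoe",
    "first_name": "Jane", "last_name": "Doe", "roles": ["bh-Administrator"]})
BAD_TOKEN = make_unsigned_token({"iss": ISSUER_URL, "aud": "other-app", "sub": "jdoe",
    "first_name": "Jane", "roles": ["Everyone", "bh-User"]})
```

Run `check_id_token_claims(<token>, <your Issuer URL>, <your Client ID>)` against a real ID token obtained from your Okta test application; an empty list means the claims match what the steps above configure.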
