Skip to main content

Okta SSO & Calendar Synchronization Setup (For IT Admin of Enterprises Using Okta SSO)

Updated over a month ago

Okta is a popular enterprise identity provider, and Brief AI supports Okta-based Single Sign-On (SSO) for organizations using Okta.

Enabling Okta SSO for your organization requires coordination with the Brief AI technical team because the configuration must be added to our secure infrastructure.


If your organization wishes to enable Okta SSO, please contact Brief AI Support to begin the setup process.

When Okta SSO is enabled, Brief AI provides your organization with a dedicated login page under a custom domain (e.g. yourcompany.wiseworks.ai).
This login page is configured to integrate with your Okta instance and will automatically redirect users into the correct authentication flow.

Brief AI supports Okta configurations where Okta federates to:

  • Azure Active Directory (commonly used with Office 365 calendar)

  • Google Workspace (commonly used by Google-based organizations)

For detailed setup instructions, please refer to the identity provider–specific guides:

Okta SSO setup

To set up Okta, a new application needs to be configured in Okta admin UI. To do this, please follow these steps carefully:

  1. Click on the "Admin" button on the Okta user home.

  2. Open "Applications" on the left hand side menu and choose "Create App Integration".

  3. Choose "OIDC - OpenID Connect" as "Sign-in Method" and choose "Web Application" as "Application Type".​

  4. Choose a name and make sure that "Authorization code" grant type is selected.

  5. Replace the default for "Sign-in redirect URIs" with "https://keycloak.app.wiseworks.ai/realms/prod/broker/<client_id>/endpoint".


    Obtain the client_id from Brief AI.


  6. Choose the value for "Controlled access" based on your needs.

  7. Once created change the "Issuer" on the "Sign on" tab to "Okta URL".

  8. Make note of the following items that need to be supplied to Brief AI:

    1. "Issuer" on the "Sign on" tab (make sure that "Okta URL" is selected).

    2. "Client ID" available on the "General" tab.

    3. "Client Secret" (masked by default) available on the "General" tab.

Provide the values collected on the final step to Brief AI for the SSO to be configured.

Adding Google as an Identity Provider in Okta

If your organization uses Google Workspace as the upstream identity system behind Okta, a Google Identity Provider must be added inside Okta. This allows Okta to federate authentication to your Google Workspace domain, while Brief AI handles calendar access through Google directly.

Follow the steps below after completing the Google Workspace SSO & Calendar Synchronization Setup guide and obtaining your Google OAuth Client ID and Client Secret.

  1. In the Admin Console, go to Security > Identity Providers.

  2. Click Add Identity Provider, and then select Google IdP.

  3. Click Next.

  4. In the General Settings section, define the following:

    • Name: Enter a name for the Identity Provider configuration

    • Client Id: Paste the client ID that you obtained from Google

    • Client Secret: Paste the secret that you obtained Google

    • Scopes:

      • email

      • openid

      • profile

      • https://www.googleapis.com/auth/calendar.readonly

      • https://www.googleapis.com/auth/calendar.events.readonly

    • Account Link Policy: Enabled

    • The rest of the settings can be left as they are set by default

  5. Click Finish. A page appears that displays the IdP's configuration.

Calendar Synchronization with Okta

Brief AI supports calendar synchronization when your organization uses Okta as its primary SSO provider.


Okta can federate authentication to different upstream identity providers, such as Azure Active Directory or Google Workspace.


The calendar connection is handled by the upstream provider (Azure or Google), not by Okta itself.

How it works

  1. User signs in through Okta
    Okta federates the login to your organization’s identity provider (Azure AD or Google Workspace).

  2. Brief AI prompts the user to connect their calendar
    After the first login, Brief AI will show a "Connect your calendar" banner.
    When the user clicks this, they are redirected to the corresponding provider’s OAuth consent screen (Azure or Google).

  3. Calendar permissions are granted
    The required calendar permissions (Microsoft Graph or Google Calendar API) are granted directly with the upstream identity provider.

  4. Brief AI keeps the calendar in sync
    Using the tokens granted during the calendar connection flow, Brief AI periodically fetches upcoming meetings and updates the UI accordingly.

Where to find upstream-provider setup instructions

Your calendar flow depends on which identity provider your organization uses beneath Okta. Please review the relevant page.


Azure Active Directory (AD) SSO & Calendar Synchronization Guide.


Google Workspace SSO & Calendar Synchronization Guide.

Did this answer your question?