Peerbound x Okta Integration Instructions

Last updated: June 15, 2026

These instructions are for Okta admins working to connect Peerbound to your company’s Okta SSO.

Creating the Okta app

  1. In your Okta tenant create an Okta OIDC app integration

  2. Select OIDC as the Sign-in method.

  3. Select Web application as the Application type, and set the following parameters

Name: Peerbound
Sign-In Redirect URIs: https://auth.peerbound.com/login/callback

Trusted Origins: https://auth.peerbound.com

Audience URI: https://app.peerbound.com/api/ (may not be required)

  1. Record the Client ID and Client Secret that Okta generates for your app integration.

  2. Securely provide Client ID and Client Secret to Peerbound. Also share your Okta domain (e.g., {yourcompany}.okta.com).

Provisioning users with SCIM

SCIM allows you to provision and deprovision all users directly in Okta. After completing the above setup to establish a connection between Peerbound will provide you with a SCIM token. With that token, you can now follow the steps found here for configuring SCIM in Okta.

Note that deprovisioning a user with SCIM will not immediately end an active user session. However, the user will not be able to log in again or refresh the current session. Therefore, to test deprovisioning, you should log out and then validate that you cannot log back in with the deprovisioned account.

Assigning roles

Peerbound has four roles:

  • Admin: web access and MCP access; can manage API keys

  • Creator: web access and MCP access

  • Reader - Anonymized: read-only MCP access

  • Reader - Deanonymized: read-only MCP access, including ability to read the identity of “Approved - Anonymous” moments

These roles can be assigned using Okta groups.

  1. Create an Okta group for each role you want to assign users in Peerbound. We recommend giving these groups names starting with “Peerbound”. For example, “Peerbound - Creator” and “Peerbound - Reader”.

  2. Assign each Okta user to the appropriate group. This can be done manually user-by-user or a group rule can be used to assign group membership based on another condition (like Department).

  3. Add a groups claim to the Okta app, in order to pass the group membership information to Peerbound. (Okta docs)

    1. In the Admin Console, go to Applications > Applications.

    2. Select the Peerbound app.

    3. Go to the Sign On tab and select Edit in the OpenID Connect ID Token section.

    4. In the Group claim type section, select Filter.

    5. In the Group claims filter section, set the claim name to”groups”, the filter to Starts with, and the value to “Peerbound”.

    6. Save.

    7. Follow the Back to the applications link and then select Refresh Application Data in the More dropdown menu.

  4. Let your Peerbound CSM know what group names you used and how these should be mapped to the Peerbound roles mentioned above.

Any user provisioned in Okta and not assigned a Peerbound group will default to having Creator access.

If you encounter any issues please contact support@peerbound.com and attach any relevant screenshots / URLs.