Login with an admin account into the Okta admin console
Select "Applications | Applications" in the main menu
Click "Create App Integration"
Select "OIDC - OpenID Connect" as the Sing-on method and select "Web Application" as the application type
Click "Next" to continue
Enter a name, e.g. SafeID Token Service, into the New Web App Integration form,
Tick Implicit (Hybrid) for the grant type
Add the following sign-in redirect URI’s.
https://admin.safeid.io/Account/OpenIdSignIn
https://user.safeid.io/Account/OpenIdSignIn
Click "Save"
Take a copy of the client id as you will need this in late steps
Now, login into the SafeID Admin Console
Select "Identity Providers"
Click "Add"
Select "OpenID"
In "OAuth Authorization Endpoint" enter "https://your-domain.okta.com/oauth2/v1/authorize"
In "OpenID Configuration Endpoint" enter "https://your-domain.okta.com/.well-known/openid-configuration"
Replace "your-domain" with the real domain name of your Okta domain name, e.g. "deepnet"
In "Application ID" enter the Client ID that you noted down in the previous step
Tick the “ID Token Required for logout" option
Click "Create"