To improve your security, you can configure Okta OAuth2 to allow your employees to log in to Mention Me using Okta. This removes the need for passwords and enables centralised authentication management in your Okta console.
Account provisioning and user roles remain managed within Mention Me.
Mention Me currently supports OAuth integrations for Google, Okta, Auth0, and Azure AD. For other providers, contact your Client Account Manager.
Set up Okta in Mention Me under Merchant Settings > Security & Data.
Feature Overview
Mention Me supports Okta OAuth for organisations using Okta for authentication.
- Users can log in to Mention Me using their Okta account.
- Email/password access is disabled once OAuth is enabled.
- Users with access to multiple brands can log in via any supported method (depending on the brand).
Only users with email addresses matching the configured domain(s) can authenticate. All others will lose access.
Preliminary Requirements
- An active Okta account
- At least one domain managed and registered under your Okta account
- Users with emails associated with your Okta-managed domain
Prerequisites
- Okta administrator access
- Mention Me administrator access
Okta Configuration Steps
See Okta’s official guide for reference.
- Log in to the Okta Admin Console
- Create a new App Integration
- Select OIDC - OpenID Connect and Web Application
- Name the App (e.g. "Mention Me")
- Choose assignment settings and save
- Ensure default scopes (name and email) are selected
- In the Sign-in redirect URIs, enter:
https://mention-me.com/oauth/client/redirect/xxxx
(Replacexxxxwith your Mention Me Merchant ID. Contact your Client Manager for details.) - Click Save
- Copy the Client ID, Client Secret, and Okta Domain — these are needed for Mention Me setup
If you use both Live and Demo platforms, Okta setup must include TWO redirect URIs:
- Live:
https://mention-me.com/oauth/client/redirect/xxxx - Demo:
https://demo.mention-me.com/oauth/client/redirect/yyyy
You can use the same Client ID, Client Secret, and Issuer URI for both.
If you want your users to log in via a dashboard link, use:https://mention-me.com/oauth/client/start/xxxx
Mention Me Configuration Steps
- Log in to Mention Me as an admin
- Go to SSO Configuration page (or the Demo configuration page)
- Select Okta from the SSO options
- Enter your Okta settings:
- Client ID and Client Secret
- Domains: Okta-managed domain(s)
-
Issuer URI: e.g.
https://yourdomain.okta.com/oauth2
Only input domains that are under your organisation’s control. Using third-party domains could expose your platform to unauthorised access.
Note: Once saved, users will no longer be able to log in with email/password under the configured domains.
Default Permissions
- Demo platform: Users will be granted "Marketing" access
- Live platform: Users will be granted "Customer Service" access
Enable this via a checkbox within the Mention Me Okta setup.
Admins can later adjust user roles manually.
Sample Email to Inform Users
Click to expand
Hi,
We're updating how you log into the Mention Me platform:
What’s changing?
- We're replacing email/password login with "Login via Okta"
- This applies to both our Demo and Live platforms
Why?
- Better security and easier internal user management
- No need to remember another password
How it works:
- Click "Login via Okta" on the login form
- Enter your [domain].com email to identify your account
- Log in seamlessly going forward
Disabling Okta Authentication
If you need to disable Okta OAuth in the future, users can switch back to email/password login. However:
- Users created during SSO usage won’t have passwords. You’ll need to initiate a password reset for them to regain access.