Okta Authentication allows for user authentication for AppSheet apps. It is similar to using an OpenID providerbut allows for Okta-specific features such as group controls to be used. For example, you may want to limit access to certain apps to the Sales Team and others to the Support Team. Using Okta as an authentication source allows this type of segmentation.
To setup authentication, there are three steps: setting up an Okta application, configuring AppSheet to allow Okta, and let app users know they can use Okta to login.
Hi Gary, the usual reason to do this is to determine the application role for a user based on membership in an Okta group. Is that what you are looking to do? if so, we do have the ability to assign roles based on group membership. Then in expressions, you use USERROLE() to change behavior appropriately.
Thank you, it seems to return the appsheet role vs the Okta role. I can assign the Okta role to an appsheet role, but there are only two choices (admin & user). I’ve read the work arounds for managing more than two groups by using tables, but was hoping for something more direct. Not a blocker, but certainly nice to have.
The reason we don’t want to directly have expressions that access group membership is this — expressions have to run in the apps on devices and on the backend. They have to run preferably offline. They need to be low latency. Checking group membership is high latency and needs connectivity.
In any case, most of the scenarios we have encountered so far are exactly for this purpose — to use group membership to assign application roles. So that’s why we’ve provided the feature directly.
