What is OKTA?
Okta is the multifactor authentication service provider for NCIs CTRP and Precision Medicine applications. Multifactor authentication is used to provide additional security beyond just entering a username and password: authentication is accomplished by either responding to an alert on a cell phone, pressing a key in answer to a recorded phone call, or entering a code received via text message or phone call.
Even if you already use Okta for other programs, you will still need to set up Okta for your new account the first time you log in. Every user has an Okta profile that facilitates the authentication of the user into their accounts on the applications. Previously, the login process for NIH internal users displayed only the iTrust login screens, without the option to login using the Okta profile username and password.
To prevent any problems during the login process, make sure that the browser popup blocker is disabled. A popup blocker may preventing the application from opening the login page.
See the following for instructions on disabling popup blockers for various browsers:
Browser | Guide |
---|---|
Chrome | How to change popup blocker settings in Chrome |
Firefox | How to change popup blocker settings in Firefox |
Safari | How to change popup blocker settings in Safari |
For additional support contact your IT Support department or one of the NCI's various application support teams below:
Application | Support Email address |
---|---|
STRAP | ctrp_support@nih.gov |
CTRP | ctrp_support@nih.gov |
DLAP | dlap_support@mail.nih.gov |
CSMS | csms-support@nih.gov |
Adult Matchbox | matchbox-support@nih.gov |
Pediatric Matchbox: | ped-match-support@nih.gov |
It is possible to set up more than one of the authentication options. While only one method is needed for each login, and each type authentication may only be associated with one phone number, this configuration allows some flexibility for users who want the option of using two different phone numbers.
Here are some examples of how this might be used:
User sets up Okta Verify authentication to send pushes to their cell phone and sets up Voice Call Authentication to their office phone number. If the user does not have cell service in their office, they can use their office phone to authenticate, and they can authenticate via Okta Verify push on their cell phone if they are away from their office.
User sets up Okta Verify Authentication to send pushes their company-issued cell phone and sets up SMS Authentication to their personal cell phone. The user does not wish to install an app on their personal cell phone, but would like to have a backup method of authentication in case of any changes to their work cell phone number.
User wishes to have several options for authentication, especially since their day-to-day schedule is extremely varied. This allows the user to choose the method that best suits their situation at login time.
Note: The next time you log in to the application, one of the authentication methods will be selected by default, but you may choose another method if you have set it up. Click on the down-arrow icon next to the Okta symbol in the window and choose a different authentication method from the picklist.
As with most user profile passwords, Okta passwords require periodic updating to maintain compliance with security policy. NIH Users also need to update their Okta password as per the update schedule, even if they choose to only use iTrust to login to the applications.
Users will receive an email alerting them when it is time to update their Okta password.
IF:
THEN:
To reset your Okta password use one of the following methods:
To change the iTrust password: