diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-generate-token.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-generate-token.png new file mode 100644 index 00000000..3ed86184 Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-generate-token.png differ diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-application.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-application.png new file mode 100644 index 00000000..34d6158a Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-application.png differ diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-sign-on-configuration.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-sign-on-configuration.png new file mode 100644 index 00000000..a487819c Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-native-sign-on-configuration.png differ diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-native-application.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-native-application.png new file mode 100644 index 00000000..a73ddea7 Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-native-application.png differ diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-single-page-application.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-single-page-application.png new file mode 100644 index 00000000..927d8bb8 Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-new-single-page-application.png differ 
diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-page-application.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-page-application.png new file mode 100644 index 00000000..e5522f9b Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-page-application.png differ diff --git a/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-sign-on-configuration.png b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-sign-on-configuration.png new file mode 100644 index 00000000..cc559d91 Binary files /dev/null and b/public/docs-static/img/integrations/identity-providers/self-hosted/okta-single-sign-on-configuration.png differ diff --git a/src/pages/selfhosted/identity-providers.mdx b/src/pages/selfhosted/identity-providers.mdx index 6c95fdef..efbaa913 100644 --- a/src/pages/selfhosted/identity-providers.mdx +++ b/src/pages/selfhosted/identity-providers.mdx 
@@ -814,12 +814,146 @@ The file management.json is created automatically. Please refer [here](/docs/sel ```json { "ManagerType": "authentik", - "AuthentikClientCredentials": { + "ClientConfig": { + "Issuer": "https://", "ClientID": "", + "TokenEndpoint": "https:///application/o/token", + "GrantType": "client_credentials" + }, + "ExtraConfig": { "Username": "Netbird", "Password": "", - "GrantType": "client_credentials", - "TokenEndpoint": "https:///application/o/token" } } ``` + +## Okta + +This guide is a part of the [NetBird Self-hosting Guide](/getting-started/self-hosting) and explains how to integrate +**self-hosted** NetBird with [Okta](https://www.okta.com/). + + +If you prefer to have full control over authentication and authorization of your NetBird network, there are good self-hosted alternatives to the managed Okta service like [Keycloak](/integrations/identity-providers/self-hosted/using-netbird-with-keycloak). + + +Before you start creating and configuring an Okta application, ensure that you have an Okta workforce identity cloud account. If you don't have one, sign up for a free account at https://www.okta.com/free-trial/. + +### Step 1. Create and configure Okta single-page application +In this step, we will create and configure Netbird single-page application in okta. 
+- Navigate to Okta Admin Dashboard +- Click `Applications` in the left menu and then click on `Applications` +- Click `Create App Intergration` +- Fill in the form with the following values and click `Next` + - Sign-in method: `OIDC - OpenID Connect` + - Application type: `Single-Page Application` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-new-single-page-application.png) + +- Fill in the form with the following values and click `Save` + - App integration name: `Netbird` + - Grant type: `Authorization Code` and `Refresh Token` + - Sign-in redirect URIs: `https:///auth` and `https:///silent-auth` + - Sign-out redirect URIs: `https:///` +- Click `Save` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-single-page-application.png) + +- Navigate to Okta Admin Dashboard +- Click `Applications` in the left menu and then click on `Applications` +- Select `Netbird` application on the list and take a note of the `Client ID`, we will use it later +- Click on `Sign On` tab on top menu +- Under `OpenID Connect ID Token` section, click `Edit` and update `Issuer` to use the `Okta URL` +- Click `Save` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-single-sign-on-configuration.png) + +### Step 2. Create and configure Okta native application +In this step, we will create and configure Netbird native application in okta. 
+- Navigate to Okta Admin Dashboard +- Click `Applications` in the left menu and then click on `Applications` +- Click `Create App Intergration` +- Fill in the form with the following values and click `Next` + - Sign-in method: `OIDC - OpenID Connect` + - Application type: `Native Application` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-new-native-application.png) + + +- Fill in the form with the following values and click `Save` + - App integration name: `Netbird Native App` + - Grant type: `Device Authorization` +- Click `Save` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-native-application.png) + +- Navigate to Okta Admin Dashboard +- Click `Applications` in the left menu and then click on `Applications` +- Select `Netbird Native App` application on the list and take a note of the `Client ID`, we will use it later +- Click on `Sign On` tab on top menu +- Under `OpenID Connect ID Token` section, click `Edit` and update `Issuer` to use the `Okta URL` +- Click `Save` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-native-sign-on-configuration.png) + +### Step 3. Generate api token +In this step, we will generate netbird api token in okta for authorizing calls to user api. + +- Navigate to Okta Admin Dashboard +- Click `Security` in the left menu and then click on `API` +- Click on `Tokens` tab on top menu +- Click `Create token` +- Fill in the form with the following values and click `Create token` + - Name: `Netbird` +- Take note of token value and click `OK, got it` + +![](/docs-static/img/integrations/identity-providers/self-hosted/okta-generate-token.png) + + +Your authority OIDC configuration will be available under: +``` +https://< your_okta_organization_url >/.well-known/openid-configuration +``` + + Double-check if the endpoint returns a JSON response by calling it from your browser. 
+ + +- Set properties in the `setup.env` file: +```json +NETBIRD_DOMAIN="" +NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT="https:///.well-known/openid-configuration" +NETBIRD_USE_AUTH0=false +NETBIRD_AUTH_AUDIENCE="" +NETBIRD_AUTH_CLIENT_ID="" +NETBIRD_AUTH_REDIRECT_URI="/auth" +NETBIRD_AUTH_SILENT_REDIRECT_URI="/silent-auth" +NETBIRD_TOKEN_SOURCE="idToken" + +NETBIRD_AUTH_DEVICE_AUTH_PROVIDER="hosted" +NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID="" +NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE="" +NETBIRD_AUTH_DEVICE_AUTH_SCOPE="openid email" +NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN=true +``` + +- You can now continue with the [NetBird Self-hosting Guide](/docs/selfhosted/selfhosted-guide#step-3-configure-identity-provider/docs/selfhosted/selfhosted-guide#step-3-configure-identity-provider). + +- Set property `IdpManagerConfig` in the `management.json` file with: + + The file management.json is created automatically. Please refer [here](/getting-started/self-hosting#step-5-run-configuration-script) for more information. + + +```json +{ + "ManagerType": "okta", + "ClientConfig": { + "Issuer": "", + "TokenEndpoint": "/oauth2/v1/token", + "GrantType": "client_credentials" + }, + "ExtraConfig": { + "APIToken": "", + } +} +``` + +- Modify the value of the `AUTH_SUPPORTED_SCOPES` environment variable for the dashboard service in the docker-compose.yml file to `openid profile email`. \ No newline at end of file
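Review bot: the Okta `management.json` example in this hunk is not valid JSON: `"APIToken": "",` is immediately followed by `}`, so the trailing comma will make the management service fail to parse the file when a reader copies the block verbatim; drop the comma. Three smaller points in the same hunk: the `setup.env` block is fenced as ```json but contains `KEY="value"` environment assignments, so it should be fenced as `bash` (or left untagged) to match the other env examples; the link to the self-hosting guide is doubled (`/docs/selfhosted/selfhosted-guide#step-3-configure-identity-provider/docs/selfhosted/selfhosted-guide#step-3-configure-identity-provider`) and should be a single path; and `Create App Intergration` in Step 1 and Step 2 should read `Create App Integration`. On the security side, Step 3 has the reader paste an Okta API token into `management.json` in plaintext without saying what the token is used for beyond "authorizing calls to user api" or what privileges it carries; an Okta API token inherits the permissions of the admin who created it, so the doc should advise creating it from a least-privileged admin account, and should remind readers that `management.json` now holds a credential and must be kept out of version control and readable only by the management service. Finally, the redirect URIs are shown as `https:///auth`, `https:///silent-auth` and `https:///` with no host between the slashes, and the token endpoint as `/oauth2/v1/token`; if a `<your_netbird_domain>` or `<your_okta_organization_url>` placeholder was meant there (as in the well-known URL line), check that the placeholder survives rendering, since a reader copying these as-is ends up with invalid URIs.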