diff --git a/simple-webapp-okta/.gitignore b/simple-webapp-okta/.gitignore
new file mode 100644
index 0000000..b393cfd
--- /dev/null
+++ b/simple-webapp-okta/.gitignore
@@ -0,0 +1,4 @@
+.classpath
+.project
+.settings
+/target/
diff --git a/simple-webapp-okta/charts/helm.yaml b/simple-webapp-okta/charts/helm.yaml
new file mode 100644
index 0000000..8fb5b62
--- /dev/null
+++ b/simple-webapp-okta/charts/helm.yaml
@@ -0,0 +1,8 @@
+build:
+  uri: https://github.com/wildfly-security-incubator/elytron-examples.git
+  contextDir: simple-webapp-okta
+deploy:
+  replicas: 1
+  env:
+    - name: OIDC_PROVIDER_URL
+      value: <okta_URL>
\ No newline at end of file
diff --git a/simple-webapp-okta/pom.xml b/simple-webapp-okta/pom.xml
new file mode 100644
index 0000000..eeff35a
--- /dev/null
+++ b/simple-webapp-okta/pom.xml
@@ -0,0 +1,107 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>org.wildfly.security.examples</groupId>
+    <artifactId>simple-webapp-okta</artifactId>
+    <packaging>war</packaging>
+    <version>2.0.0.Alpha1-SNAPSHOT</version>
+    <name>simple-webapp Maven Webapp</name>
+    <url>http://maven.apache.org</url>
+
+    <properties>
+        <maven.compiler.source>11</maven.compiler.source>
+        <maven.compiler.target>11</maven.compiler.target>
+        <version.wildfly.maven.plugin>4.2.0.Final</version.wildfly.maven.plugin>
+        <version.maven.war.plugin>3.3.2</version.maven.war.plugin>
+        <version.wildfly>30.0.0.Final</version.wildfly>
+        <version.wildfly.cloud.galleon.pack>4.0.0.Final</version.wildfly.cloud.galleon.pack>
+    </properties>
+
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.wildfly.bom</groupId>
+                <artifactId>wildfly-ee-with-tools</artifactId>
+                <version>${version.wildfly}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
+    <dependencies>
+        <dependency>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
+            <scope>provided</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.13.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.wildfly.security</groupId>
+            <artifactId>wildfly-elytron-http-oidc</artifactId>
+            <version>2.0.0.Final</version>
+            <scope>compile</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <finalName>simple-webapp-okta</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.wildfly.plugins</groupId>
+                <artifactId>wildfly-maven-plugin</artifactId>
+                <version>${version.wildfly.maven.plugin}</version>
+            </plugin>
+            
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-war-plugin</artifactId>
+                <version>${version.maven.war.plugin}</version>
+            </plugin>
+        </plugins>
+    </build>
+
+    <profiles>
+        <profile>
+            <id>openshift</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.wildfly.plugins</groupId>
+                        <artifactId>wildfly-maven-plugin</artifactId>
+                        <version>${version.wildfly.maven.plugin}</version>
+                        <configuration>
+                            <feature-packs>
+                                <feature-pack>
+                                    <location>org.wildfly:wildfly-galleon-pack:${version.wildfly}</location>
+                                </feature-pack>
+                                <feature-pack>
+                                    <location>org.wildfly.cloud:wildfly-cloud-galleon-pack:${version.wildfly.cloud.galleon.pack}</location>
+                                </feature-pack>
+                            </feature-packs>
+                            <layers>
+                                <layer>cloud-server</layer>
+                                <layer>elytron-oidc-client</layer>
+                            </layers>
+                            <filename>simple-webapp-okta.war</filename>
+                        </configuration>
+                        <executions>
+                            <execution>
+                                <goals>
+                                    <goal>package</goal>
+                                </goals>
+                            </execution>
+                        </executions>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+
+</project>
diff --git a/simple-webapp-okta/src/main/java/org/wildfly/security/examples/SecuredServlet.java b/simple-webapp-okta/src/main/java/org/wildfly/security/examples/SecuredServlet.java
new file mode 100644
index 0000000..db32bcd
--- /dev/null
+++ b/simple-webapp-okta/src/main/java/org/wildfly/security/examples/SecuredServlet.java
@@ -0,0 +1,60 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2017 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wildfly.security.examples;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.security.Principal;
+
+import jakarta.servlet.ServletException;
+import jakarta.servlet.annotation.HttpMethodConstraint;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.jose4j.jwt.consumer.InvalidJwtException;
+import org.jose4j.jwt.consumer.JwtConsumerBuilder;
+import org.jose4j.jwt.JwtClaims;
+import org.wildfly.security.http.oidc.OidcSecurityContext;
+
+/**
+ * A simple secured HTTP servlet.
+ *
+ * @author <a href="mailto:darran.lofthouse@jboss.com">Darran Lofthouse</a>
+ */
+@WebServlet("/secured")
+public class SecuredServlet extends HttpServlet {
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        try (PrintWriter writer = resp.getWriter()) {
+            writer.println("<html>");
+            writer.println("  <head><title>Secured Servlet</title></head>");
+            writer.println("  <body>");
+            writer.println("    <h1>Secured Servlet</h1>");
+            writer.println("    <p>");
+            writer.print(" Current Principal '");
+            OidcSecurityContext context = (OidcSecurityContext) req.getAttribute(OidcSecurityContext.class.getName());
+            writer.print(context != null ? context.getIDToken().getClaimValueAsString("IDTClaim") : "NO AUTHENTICATED USER");
+            writer.print("'");
+            writer.println("    </p>");
+            writer.println("  </body>");
+            writer.println("</html>");
+        }
+    }
+}
diff --git a/simple-webapp-okta/src/main/webapp/WEB-INF/oidc.json b/simple-webapp-okta/src/main/webapp/WEB-INF/oidc.json
new file mode 100644
index 0000000..339bce1
--- /dev/null
+++ b/simple-webapp-okta/src/main/webapp/WEB-INF/oidc.json
@@ -0,0 +1,10 @@
+{
+    "client-id" : "CLIENT_ID",
+    "provider-url" : "${env.OIDC_PROVIDER_URL:CUSTOM_AUTH_SERVER}",
+    "public-client" : "false",
+    "principal-attribute" : "IDTClaim",
+    "ssl-required" : "EXTERNAL",
+    "credentials" : {
+        "secret" : "CLIENT_SECRET"
+    }
+}
diff --git a/simple-webapp-okta/src/main/webapp/WEB-INF/web.xml b/simple-webapp-okta/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000..9c341e6
--- /dev/null
+++ b/simple-webapp-okta/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
+   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+   xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
+   metadata-complete="false">
+
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>secured</web-resource-name>
+            <url-pattern>/secured</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>*</role-name>
+        </auth-constraint>   
+    </security-constraint>
+
+    <login-config>
+        <auth-method>OIDC</auth-method>
+    </login-config>
+
+    <security-role>
+        <role-name>*</role-name>
+    </security-role>
+</web-app>
diff --git a/simple-webapp-okta/src/main/webapp/index.html b/simple-webapp-okta/src/main/webapp/index.html
new file mode 100644
index 0000000..0331adb
--- /dev/null
+++ b/simple-webapp-okta/src/main/webapp/index.html
@@ -0,0 +1,6 @@
+<html>
+  <body>
+    <h2>Hello World!</h2>
+    <a href="./secured">Access Secured Servlet</a>
+  </body>
+</html>