I have created a SAML application for SSO. I am able to add the users from my domain. How can I add existing users from another domain.
Do you mean from another Okta domain/org?
Users from one org to other
You may want to look up setting up an Org2Org connection between the two orgs, so users in the second org can login and access applications in the first org: Setup SSO
I have configured as per the link provided, but when I click on Bookmark App I’m redirected to my app, but I’m not able to login as user from Spoke org, only credentials from Hub org works.
From which org is the bookmark app created/being launched? How are users from the spoke org attempting to access the application in question?
Here are the steps followed:
Created our own SAML application in the HUB.
Created IdentityProvider in HUB with the details from the created applicaton.
Added Okta Org2Org in SPOKE with the details from already created idenityprovider in HUB.
Created BookMark app in SPOKE with the details from our custom application as :
Identity Provider Single Sign-On URL?RelayState=AppEmbedLink
Please let me know where I have done wrong.
The bookmark app in the spoke, does the Single Sin On URL you are using start with the hub domain or the spoke domain?