Build SSO Integration as third-party vendor

I’m trying to build an SSO integration that will eventually be used by multiple Okta organizations (that in turn will have their own accounts in our platform). I created an application and am able to log in using Express and passport/passport-saml. The URL I’m providing as the entry point though is our dev-okta instance with a path to the application. If I understand this correctly, that wouldn’t work if company A wanted to use this integration, correct? As it would just be pointed to my dev-okta instance.

I’m struggling to find documentation around this situation. What is the correct URL to present to the end user trying to log in? Is it https://login.okta.com? I tried using that URL but after logging in I just get redirected to okta.com and don’t see the login attempt in my application logs.

Hi @mattaltepeter

Your application would need to support configuring the SAML details from Okta individually for each of your customers (e.g. inside the administrative panel in each tenant that is part of the application). This can be done by saving the details in the database and retrieving them automatically based on the URL (e.g. https://customer1.app.com/sso/acs would bring from the database the SAML details for customer 1 and then proceed in checking the assertion using passport).
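
The per-tenant lookup described in the answer above, as an added example that is not part of the original posts or of passport-saml's own code. It has the `(req, done)` shape of the `getSamlOptions` callback that passport-saml's `MultiSamlStrategy` accepts. Assumptions: an in-memory `Map` stands in for the database, the tenant slugs, entry points and certificates are constructed placeholders, and the service provider `issuer` format is hypothetical.

```javascript
// Constructed sample data standing in for the per-tenant settings table.
// Entry points and certs are placeholders, not real Okta values.
const TENANTS = new Map([
  ['customer1', {
    entryPoint: 'https://idp.customer1.example/sso/saml',
    cert: 'CUSTOMER1_IDP_SIGNING_CERT_PLACEHOLDER',
  }],
  ['customer2', {
    entryPoint: 'https://idp.customer2.example/sso/saml',
    cert: 'CUSTOMER2_IDP_SIGNING_CERT_PLACEHOLDER',
  }],
]);

const BASE_DOMAIN = 'app.com'; // from the URL pattern in the answer
const SLUG_RE = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/; // one DNS label only

// Extract the tenant slug from a Host header such as "customer1.app.com:443".
// Returns null for anything that is not exactly <slug>.app.com.
function tenantFromHost(host) {
  if (typeof host !== 'string') return null;
  const name = host.toLowerCase().replace(/:\d+$/, '');
  const suffix = '.' + BASE_DOMAIN;
  if (!name.endsWith(suffix)) return null;
  const slug = name.slice(0, -suffix.length);
  return SLUG_RE.test(slug) ? slug : null;
}

// Resolve SAML options for the tenant that owns this request.
function getSamlOptions(req, done) {
  const slug = tenantFromHost(req.headers && req.headers.host);
  const cfg = slug ? TENANTS.get(slug) : undefined;
  // Fail closed: never fall back to a default IdP for an unknown tenant.
  if (!cfg) return done(new Error('unknown SSO tenant'));
  done(null, {
    entryPoint: cfg.entryPoint, // this customer's Okta SSO URL
    cert: cfg.cert,             // this customer's IdP signing certificate
    // Built from the validated slug, not from the raw Host header.
    issuer: `https://${slug}.${BASE_DOMAIN}`, // hypothetical SP entity ID
    callbackUrl: `https://${slug}.${BASE_DOMAIN}/sso/acs`,
  });
}
```

Because each tenant's assertion is checked only against that tenant's stored certificate, an assertion signed by one customer's Okta organization is not accepted on another customer's ACS URL.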