How do I build a general Okta OAuth sign-in button for my SaaS app?

Hi, I have a pretty basic question about how to integrate Okta OAuth into my app. My goal is to implement a generic Okta sign in button on my SaaS app that redirects to Okta for authentication and then loops back to my app once authentication is done.

From all the docs I’ve read, it seems that every Okta org has its own authorization domain (e.g acme.okta.com). Given this, how would I go about building a general Okta sign up button on my app that works across any organization? It seems as though I’d need to know which org a person belongs to and know their org’s authorization server before being able to redirect to the right authorization server from my app.

Currently I have OAuth set up where the redirect works and goes to a test app (dev-28963036.okta.com), but I’m looking to extend it to apply to any organization. In other words, I want anyone to be able to come to my app, click the Okta sign in button, and be redirected to a place where they can login with Okta.

Does this question make sense? The closest analogy I have is Google social login, that has a single, central authorization URL and lets users login with Google regardless of what organization they belong to, and then loops back to the app once finished.

Please let me know if I’m missing something, or if I’m thinking about this the wrong way. Thanks in advance!

You are thinking the right way, but unfortunately it’s not possible with Okta. Okta has tenants (isolated compartments) with their own user base, so 2 different tenants may have the same username.

I’d suggest you to rather build with a support of global providers (Google, Facebook or MS). Now when you know the principles of building, it should be an easy lift for you, if you really want to go global