We are building a SaaS product and we use CUSTOM user management, with email/password login for most of our customers.
Our customers are orgs, and some of them use Okta internally.
We want to provide the Okta SSO integration to allow them to login with okta, but not for those that don’t.
I didn’t find useful documentation about this case.
So I have some important questions about this.
- Is this use case documented anywhere ?
- How many times it could takes to get the app reviewed and accepted by Okta OIN ?
- How to test our SSO integration during development with a fake okta customer (I guess using an other free okta account, acting as the customer org), before having the app integration published in the OIN ? Or can we anyway access the app integration, from the fake org, before the OIN validation and public publishing ?
- Can we safely use OIDC with a web app integration (server-side) when having an SPA as frontend ?