How to put in place an external IdP => Okta SP => External App


I am fairly new to Okta and I am struggling a bit with the concepts. The Okta documentation is furnished, but sometimes inaccurate, the doc is not aligned with the screens…

I want to put in place something rather simple:

  • Azure AD is used as an IdP, reaching…
  • Okta is used as a SP, reaching…
  • my external app, running in local.

I successfully configured the relationship between Azure Ad and Okta SP, by configuring an IdP on Okta. I manage to log in from Azure AD in Okta.
Now I want the same thing to happen, but I need to land directly on my application (localhost:3000, let’s say).
It is a nodejs application, I use the oidc-middleware as documented.
Of course, I need to get the user info in my app.

  1. I tried to add my app final url in the relaystate in Azure.
    => I get a redirection but without any information.

  2. I tried to add an OID App from the “Applications” menu in Okta, and I configured the embedded link in Azure AD. I manage to log in in Okta, then when it tries to access my app, I have an error stating there are too many redirections.

Strangely enough, I haven’t found (yet) a page where all I describe, which seems fairly standard, is described from A to Z.

Do you have recommendation on how to manage, where to look, etc?

On top of things, the external IdP will send some SAML claims we are not allowed to store in Okta SP, in the JIT account. But the upstream app need to access those infos.
Is there a way to use Okta SP as a pass-through ?