I have created one SPA application with the required URLs of my application. I also made the necessary code changes in my application. Now clicking on a button redirects me to an Okta sign-in page.
My question is this: only when I create users and assign them to my application in the Okta admin console am I able to sign in to my application using Okta. But when I give my Okta credentials, i.e., my Okta account credentials, it does not allow me to sign in.
So when we have an Okta account, can’t we use that to log in to our application? Is it that it will work only when we create users and assign them to the application in the Okta admin console?
Not sure I’m following what you’re describing here, but your users do need to be assigned the application within Okta to access it; only authorized (assigned) users will be granted tokens.
Thanks for the reply. So Okta SSO is not similar to Google SSO, right? Because in Google SSO we don’t have to assign users to the application. If someone has a Google account, they will be able to use Google SSO.
I can’t speak to the options within Google, but yes, within Okta at least you need to grant these users access to your application, not just to Okta.
If you want these social auth users to have immediate access to applications in Okta, you have two main options:
- Enable Federation Broker Mode for the applicable applications.
- Assign users federated through the external identity provider to a specific Group that is assigned the appropriate applications. You can find this under the JIT Settings heading of the Identity Provider.
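
As an added example (not part of the thread and not Okta's own code), this is how an SPA's redirect handler can tell "user is not assigned to the application" apart from other sign-in failures. It assumes the denial arrives as the standard OAuth 2.0 `error=access_denied` redirect parameter; the description text it matches, the callback URLs, and the function names are constructed for illustration.

```javascript
// Collect redirect parameters from both the query string and the fragment,
// since either can carry the authorization response depending on response_mode.
function readParams(callbackUrl) {
  const url = new URL(callbackUrl);
  const merged = new URLSearchParams(url.hash.replace(/^#/, ""));
  for (const [k, v] of new URLSearchParams(url.search)) merged.set(k, v);
  return merged;
}

// Classify the callback. `expectedState` is the value the SPA stored before
// redirecting to the sign-in page; a mismatch is rejected before anything else.
function classifyCallback(callbackUrl, expectedState) {
  const p = readParams(callbackUrl);
  if (!expectedState || p.get("state") !== expectedState) {
    return { outcome: "rejected", reason: "state mismatch" };
  }
  const error = p.get("error");
  if (error) {
    const description = p.get("error_description") || "";
    // Assumption: the description mentions the missing assignment in words.
    const unassigned = error === "access_denied" && /not assigned/i.test(description);
    return { outcome: unassigned ? "not_assigned" : "denied", reason: description || error };
  }
  if (p.has("code")) return { outcome: "authorized", code: p.get("code") };
  return { outcome: "rejected", reason: "no code or error in callback" };
}

// Constructed sample callbacks (hypothetical host and values).
const BASE = "https://app.example.com/login/callback";
const SAMPLES = {
  unassigned: BASE + "?state=abc123&error=access_denied" +
    "&error_description=User+is+not+assigned+to+the+client+application.",
  assigned: BASE + "?code=constructed-code&state=abc123",
  fragment: BASE + "#state=abc123&error=access_denied&error_description=Policy+denied",
  forged: BASE + "?code=constructed-code&state=other",
};

for (const [name, url] of Object.entries(SAMPLES)) {
  console.log(name, classifyCallback(url, "abc123"));
}
```

A `not_assigned` outcome is the case to route to an "ask your administrator for access" page, since no token will be issued until the user or their group is assigned the application.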