Hi
We have built a new application in Okta which uses OpenID Connect. We’ve assigned the application to two users, but the application does not appear for them when they sign in to the usual Okta domain. All other applications (SAML) do appear!
Are we missing something obvious?
Thanks in advance
Are you using the developer console? I think you might have signed up for a developer trial instead of an IT trial.
When you create an application in the developer console, by default, we set the visibility of the app so it doesn’t show in the end-user chiclet page (UserHome). This is the correct default for people doing application development. The common scenario for these applications is for the end-user to log into the application without the okta end-user chiclet page (think consumer apps)
When you are using the IT trial (https://www.okta.com/start-with-okta/) you get OIDC capability geared for the employee use cases. When you create an OIDC app, the visibility is set correctly so it shows up on the end-user chiclet page.
Hope this information helps, if you need more help, can you describe what you are building and who you are building it for?
Thanks!
Tom
Hi Tom
Thanks for your response.
Sorry if I wasn’t clear but this is a live production environment, not a trial of any kind. We have configured SAML applications and they appear in the UserHome area fine, it’s just this OpenID Connect application that won’t appear.
Strange?
Dan
This is odd, I’m not seeing the same behavior in one of my orgs. Do you mind opening a case with Okta Support?
https://support.okta.com/help/oktaSupportRedirect?startURL=%2Fhelp%2Fopen_case
I think this will require the support team’s TLC to resolve.
Thanks,
Tom
Hi @tom,
It seems like I have the same issue. I’m dealing with -preview- organization here. So what do I need to do to make those applications visible (I created one more to make sure it’s not some legacy issues, but behavior is still the same)?
Hi @phi1ipp
Can you please check under Admin >> Applications >> your OIDC application >> General tab to have “Login initiated by” set to “Either Okta or App”?
Once this is enabled, you will get the section “Application visibility” with option to “Display application icon to users”.
Hi @dragos,
Thank you for the hint! Seems you are right, it was set to “App Only”, but I can’t switch it, as my app uses authorization code flow and it’s not allowed by Okta. Which kinda makes some sense to me, but still not sure why a user can’t click on a chicklet to be redirected to app and then be bounced back 
Hi @phi1ipp
As your application is using authorization code flow, the best solution would be to create a new bookmark app inside of Okta with the URL pointing to your authorization server. To do this, please navigate to Admin >> (switch from Developer Console to Classic UI if necessary) >> Applications >> Add Application and search for “Bookmark App”.
Once the user clicks the chiclet, he will be redirected normally to /authorize endpoint and then to your application, along with the authorization code.
This new bookmark application would need to be added to the same group of people as the OIDC application.
Hey @dragos,
You are the savior, thank you!
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.
