I’ve got an app added to Okta, and I have a custom application login page, set to my site, e.g. site.com/auth. Now, the issue is, I’ve got a few customers with their own subdomains, e.g. customer1.site.com, customer2.site.com, and so I’d need their login redirect URLs to be something like customer1.site.com/auth and customer2.site.com/auth. Is it possible to override the set app login URL?
Okta does support wildcard redirect URIs in the lowest-level subdomain, see here.
Note the warning:
Caution: The use of wildcard subdomains is discouraged as an insecure practice, since it may allow malicious actors to have tokens or authorization codes sent to unexpected or attacker-controlled pages. Exercise great caution if you decide to include a wildcard redirect URI in your configuration.
Another option would be to register all the redirect URIs you need and then set it in the /authorize call based off of the URL a user uses to access your application.
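A sketch of the second option in the reply above (register each redirect URI, then choose one per request), added here as an example and not part of the original thread or Okta's own code. The Okta domain, authorization server path, client ID, scopes and function names are assumptions.

```python
import secrets
from urllib.parse import urlencode

# Assumed placeholders, not values from the thread.
OKTA_AUTHORIZE = "https://example.okta.com/oauth2/default/v1/authorize"
CLIENT_ID = "placeholder-client-id"

# One exact entry per tenant, identical to the list registered on the Okta app.
REGISTERED_REDIRECTS = {
    "site.com": "https://site.com/auth",
    "customer1.site.com": "https://customer1.site.com/auth",
    "customer2.site.com": "https://customer2.site.com/auth",
}


def redirect_uri_for(host_header):
    """Return the registered redirect URI for a request Host header, or None."""
    host = (host_header or "").strip().lower()
    host = host.partition(":")[0].rstrip(".")  # drop port and trailing dot
    # Exact dictionary lookup: no suffix or pattern matching, so
    # "unknown.site.com" or "customer1.site.com.other.example" never match.
    return REGISTERED_REDIRECTS.get(host)


def build_authorize_url(host_header, state=None):
    """Build the /authorize URL for the tenant the user arrived on."""
    redirect_uri = redirect_uri_for(host_header)
    if redirect_uri is None:
        # Host is client-controlled input; refuse rather than fall back.
        raise ValueError("unregistered host: %r" % (host_header,))
    state = state or secrets.token_urlsafe(32)  # store in session, check on callback
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid profile",
        "redirect_uri": redirect_uri,
        "state": state,
    })
    # Keep redirect_uri with the session: the token request must repeat it exactly.
    return OKTA_AUTHORIZE + "?" + query, redirect_uri, state


if __name__ == "__main__":
    print(build_authorize_url("customer2.site.com")[0])
```

Because the lookup is an exact match against the same list registered in Okta, no wildcard entry is needed on the app.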
Hello, thanks for the reply. However, I’m a bit confused - see the screenshot below. Okta allows having one “Application Login Page”. Is there a way to add more?
No. Only SAML applications have this option and you can only list a single Login page URL. This URL will be used if the user attempts to access the application directly, so there can only be one.