I’ve got an app added to Okta, and I have a custom application login page, set to my site e.g site.com/auth. Now, the issue is, I’ve got a few customers with their own subdomains e.g. customer1.site.com, customer2.site.com and so I’d need their login redirect URLs to be something like customer1.site.com/auth and customer2.site.com/auth. Is it possible to override the set app login URL?
Hello,
Okta does support wildcard redirectURIs in the lowest level sub domain, see here.
Note the warning
Caution: The use of wildcard subdomains is discouraged as an insecure practice, since it may allow malicious actors to have tokens or authorization codes sent to unexpected or attacker-controlled pages. Exercise great caution if you decide to include a wildcard redirect URI in your configuration.
Another option would be to register all the redirect URIs you need and then set it in the /authorize call based off of the URL a user uses to access your application.
Hello, thanks for the reply. However, I’m a bit confused - see the screenshot below. Okta allows having one “Application Login Page”. Is there a way to add more?
No. Only SAML applications have this option and you can only list a single Login page URL. This URL will be used if the user attempts to access the application directly, so there can only be one.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.