Routing rule to show Okta Username/Password and Social login providers for external users and SAML for internal users

I have 2 types of users, external and Internal. When Internal users try logging in I need to use SAML external provider and for external users should have Okta Username/Password and all other Social login providers.

I tried to use Routing Rule and with userType attribute for routing. For internal users while entering username and then click next they redirect correctly to external SAML provider, but external user see only Okta Username/Password option and not showing the social login providers. Is there any way in which I can achieve the goal. If routing can’t help here, is there any other option?

Note : Except the user type there is no way to differentiate internal and external users.


If you have multiple Social Providers and you can’t rely on something like mail domain of the user login to determine which provider to use, the easiest way would be to display all the social login buttons in the widget so users could click the appropriate provider.

If you want to strictly use routing rules you could:

  • Create a new custom attribute in your Okta user profile
  • In each of your Social User profiles create a static mapping of a value to the attribute in the Okta user profile
  • In routing rules create a rule for each social where User Matches is set to User Attribute. Match each of the social profile static values with the correct rule.

Thank You,