SEV-1: Locked out of Okta Admin due to IdP Routing Rule (No Super Admin Access)

Hello Okta Team,

We are facing a complete Okta admin lockout scenario.

Org URL: https://integrator-4226997.okta.com

Azure AD was configured as an external Identity Provider and an IdP routing
rule was enabled based on email domain. Unfortunately, both Super Admin
accounts use the same domain, so all admin logins are now redirected to
Azure AD.

Azure AD authentication succeeds, but Okta returns 403 / Login failed.
There are no remaining Super Admins who can disable the routing rule or
restore local authentication.

End users (different domain) can still log in, confirming federation works.
A support request has already been submitted, but no response yet.

Requesting assistance to route this to Okta Support / IAM engineering for
backend recovery of admin access.

Thank you.

Can you try using the following URL so that a super admin with a password within Okta can log in and fix this configuration without encountering your routing rules: https://integrator-4226997.okta.com/login/default

1 Like

Hi Andrea,

Thank you for the suggestion. Using the /login/default URL worked successfully.

We were able to log in as Super Admin, disable the IdP routing rule, and restore normal admin access.

The issue is now resolved.

Appreciate your help.

Thanks,
Abishek

1 Like

Phew, glad to hear you were able to get back in!

1 Like
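
A pre-change check for the lockout described in this thread, as an added example that is not part of the original posts and is not Okta's own code: before enabling a domain-based IdP routing rule, evaluate the rules against the Super Admin logins and confirm at least one admin still authenticates locally. The rule shape (`status`, `priority`, `suffixes`, `idp`), the IdP labels, and all accounts and domains are constructed assumptions, and matching is simplified to first active rule by priority with exact domain comparison.

```python
# Constructed sample data: a simplified model of IdP routing rules, not an Okta API payload.
SAMPLE_RULES = [
    {"name": "Route corp domain to Azure AD", "status": "ACTIVE", "priority": 1,
     "suffixes": ["corp.example"], "idp": "AZURE_AD"},
    {"name": "Default rule", "status": "ACTIVE", "priority": 99,
     "suffixes": [], "idp": "OKTA"},  # empty suffix list = catch-all
]
# Constructed accounts: both Super Admins share the routed domain, as in the thread.
SAMPLE_ADMINS = ["alice@corp.example", "bob@corp.example"]


def route_for(login, rules):
    """Return the IdP label of the first ACTIVE rule (lowest priority number) matching login."""
    domain = login.rsplit("@", 1)[-1].lower()
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if rule["status"] != "ACTIVE":
            continue
        suffixes = [s.lower().lstrip("@") for s in rule["suffixes"]]
        if not suffixes or domain in suffixes:
            return rule["idp"]
    return "OKTA"  # assumption: no matching rule means local Okta sign-in


def lockout_report(super_admins, rules):
    """Map each Super Admin to its IdP and flag the case where none stays local."""
    routed = {login: route_for(login, rules) for login in super_admins}
    local = [login for login, idp in routed.items() if idp == "OKTA"]
    return {"routed": routed, "local_admins": local, "lockout_risk": not local}


if __name__ == "__main__":
    report = lockout_report(SAMPLE_ADMINS, SAMPLE_RULES)
    for login, idp in report["routed"].items():
        print(f"{login:30} -> {idp}")
    if report["lockout_risk"]:
        print("BLOCK CHANGE: every Super Admin is routed to an external IdP")
    else:
        print("OK: local Super Admins remain:", ", ".join(report["local_admins"]))
```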
