We have an app where we want to add support for SSO using Okta to sign in to our app. I created an application integration inside Okta dev, using open ID I was able to make the SSO work but the issue is, the integration is limited to my organization (the one which I created for dev account) only.
Now, I want to make it open to other organizations that are using Okta so that they can also sign in to our app but when I configured IdP as per the documentation and set the routing rules, then challenge/answer api is giving 401, can anyone tell me if it is possible to achieve it. If yes, then what else should I do? (I am currently using the default server, should I create new authentication server)
The application log shows this:
User login to Okta VERIFICATION ERROR
This might involve many sensitive bits regarding your sign-on policies and other covered aspects or a HAR file and configured domains. Can you open a Support case instead with Okta?
Ideally the configured domains maybe an issue as SSO is sensitive to domain changes if the domains are not part of your sign in flow, also we might need to understand so many aspects to ensure this is configured correcty on the Idp side,Application Sign on policies.
Again to re-iterate please don’t share any sensitive info - if you have a production okta org please raise a support case with us.
Hello Krishna, thanks for your response. I think my query created some misunderstanding.
The use case we are trying to achieve is allowing users to sign in to our app using their enterprise credentials with which they access other applications that are integrated to their okta account. The flow we want is we give user a button on our Saas application which redirects them to okta, okta asks the user for email, password, etc and returns an access token to our server with which we can sign in the user.
I found about Okta Integration Network, if we submit our app to OIN,will that allow us to achieve the same functionality?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.