Okta - SAML redirect to custom webapp Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmllqai&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Jatin VaidyaJatin Vaidya 

Okta - SAML redirect to custom webapp

Hello,

I've configured a SAML2.0 IdP for Okta (i.e. Okta is SAML2.0 SP).
After successful IdP initiated authentication via SAML, I want user to be redirected to a custom app. Therefore I configured the "Relay State" on Okta (SP) to https://mydomain/customApp/customPath.
However, for security reasons, I think the user is not being redirected by the SP to an absolute URL but instead get's redirected to https://mycompany.okta.com/customApp/customPath (which is obviously not a valid URL).
How do I have the user redirected to this URL after successful SAML auth? https://mydomain/customApp/customPath

Thanks,
Jatin
Best Answer chosen by Jatin Vaidya
Jatin VaidyaJatin Vaidya
This issue is now resolved using a bookmark app on Okta pointing to my custom app. Thanks Gabriel for your help!

All Answers

Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Jatin
Is Okta the IdP for the custom app? In other words, is it
External IdP -> Okta SP -> Okta IdP -> Custom App
?
 
Jatin VaidyaJatin Vaidya
Thanks Gabriel.

So, here is some more clarification. Imagine a simple custom-webapp/portal which asks user to enter their Okta username/password and then authenticates them by firing an Okta AuthAPI.

Now imagine the same webapp which now allows the user to use SAML** for authentication instead of username/password, by having the user click the SSO URL.
** (IdP = external, SP = Okta).

That's the reason why I need the user to be redirected to the custom-app (hopefully with a session cookie) after Okta validates the incoming SAML assertion.

Regards,
Jatin
Jatin VaidyaJatin Vaidya
This issue is now resolved using a bookmark app on Okta pointing to my custom app. Thanks Gabriel for your help!
This was selected as the best answer
Chidananda BoligaddeChidananda Boligadde
Jatin, 
Assuming your custom app is a SAML app in your Okta, can we use Custom App's Sign On URL as the relay state?  Should not this trigger the authenticated user to redirect to the Custom App's Sign On URL (also called as SSO URL) instead of showing him the Dashboard?