Our org is configured with Desktop SSO on. When I connect to the logon page from an authorized gateway IP I'm logged in automatically. When I connect to the logon page from an IP address that is not an authorized gateway IP I get "page not found" as it tries to resolve sso.mydomain.com. Is this working as expected? If it is users will need to know 2 different url's depending if they are on network or off.
The user only needs one url. company.okta.com. When the user is on a gateway IP, it will redirect them to the IWA server to automatically log them in. When they are not, it will direct them directly to the Okta login portal so they can enter their credentials.
There seems to be a misconfiguration. The guide to set up Desktop SSO is here: https://support.okta.com/help/articles/Knowledge_Article/28101616-Configuring-Desktop-SSO Here is the training video on it: https://support.okta.com/help/articles/Knowledge_Article/Directory-Integrations-Desktop-Single-Sign-On-SSO
I found my configuration error. I had inadvertently added a gateway IP address that wasn't correct. When connecting, Okta was sending me to sso.mydomain.com. I wasn't on the corporate network so couldn't resolve sso.mydomain.com.