I need to setup an application as an independent developer for a private client. Skip to main content
https://support.okta.com/help/answers?id=906f0000000i0vlia0&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Daniel CeregattiDaniel Ceregatti 

I need to setup an application as an independent developer for a private client.

Hi,

I've been tasked with adding single sign capatility to a branded version of my web based application for a client who uses Okta as an identity provider using AD integration. I've signed up as a developer and have performed the steps necessary to implement single sign on via SAML between my test sandbox and the branded version of my site. This branded site is intended to be private and only accessible to my client via Okta. Arriving directly at the URL of this site simply shows a page that reads "Access Denied. Please visit your application portal for access.". Right now clicking the chiclet in my developer sandbox is the only way to gain access to the site. The goal is for my client to have a working chiclet.

I've been told by the client that the only thing they need from me is to be able to find my published application in Okta so they can integrate with it, but my understanding is that would make my application publicly accessible to everyone on Okta. I spoke with technician from Okta who told me my client would have to setup their own chiclet manually with the same information as my chiclet. I agree with my client in that they should be able to integrate with something that I publish, but this will not work if what I publish is visible and accessible to all of Okta.

Is the only solution to this problem to have my client setup their own chiclet? I want to be absolutely sure this is the only recourse available before finalizing this integration with my client. Please advise.
Best Answer chosen by Niki (Okta, Inc.) 
Kevin TurnerKevin Turner (Okta, Inc.)
You are right the only way is to have your client set up is to get them to create a custom SAML connection to your published application and exchange the meta data between yourselves. When creating the custom application on your clients Okta tenant, get them to also check the box on "App Type" to denote that the application is set to "This is an internal app that we have created" on the feedback section of the SAML config and then it will only be avilable for that Okta tenant.

All Answers

Kevin TurnerKevin Turner (Okta, Inc.)
You are right the only way is to have your client set up is to get them to create a custom SAML connection to your published application and exchange the meta data between yourselves. When creating the custom application on your clients Okta tenant, get them to also check the box on "App Type" to denote that the application is set to "This is an internal app that we have created" on the feedback section of the SAML config and then it will only be avilable for that Okta tenant.
This was selected as the best answer
Daniel CeregattiDaniel Ceregatti
Thanks for your quick response!