In an Org2Org setup, the end-user accesses the Spoke tenant dashboard first, and then, by clicking on the Org2Org icon, access to the Hub's dashboard is granted. Once on the Hub dashboard, the hub-assigned applications are available.
The flow looks like this: Spoke end-user dashboard > Hub end-user dashboard > Hub app. A bookmark app can help skip the middle part (the user landing on the hub tenant dashboard). The flow will look like this: Spoke end-user dashboard > Bookmark app (that will launch the hub app session).
- Org2Org
- Bookmark App
- Okta Integration Network (OIN)
The following instructions enable users in the Spoke (source) org(s) to log in directly to an application that is managed and provisioned by a single Hub (target) org.
- Log into the Hub (target) org, locate and copy the App Embedded link visible under the General tab of the application for which the Bookmark app will be created on the Spoke (source) org, and then copy the link to the Bookmark app on the Spoke (source) org.
- Log in to the Spoke (source) org and go to the Admin console. Click on Add Application, then add Bookmark App. The bookmark app will require a descriptive name and a URL. Three things are required to construct the URL:
- Copy and paste the IdP Single Sign On URL value (available on the Hub, in the Org2Org IDP settings) to the Bookmark app URL field.
- While in the Bookmark app URL field, add the following at the end of the value from the previous step:
?RelayState=
- The
?RelayState=value is followed by the Embedded link of the application hosted in the Hub (target) from Step 1.- This value is found under the General tab of the application hosted in the Hub (target) org.
The value for the Bookmark URL should look like this: IdPSingleSignOnURL?RelayState=AppEmbeddedLink.
Related References
