When configuring an Org2Org integration using OpenID Connect (OIDC), users may encounter an error when opening the bookmark application from the Spoke End User Dashboard. This issue typically arises because the bookmark URL defaults to a SAML endpoint or uses an incorrect OIDC authentication flow format.
This article details the correct URL format required to resolve this error.
Page Not Found
- Org2Org
- OpenID Connect (OIDC)
- Bookmark Application
The bookmark application URL in the Spoke is not configured with the correct OIDC endpoint format.
To resolve the connection error, configure the bookmark URL using the specific format required for the Hub-Spoke OIDC connection.
- Construct the new URL using the following format: `https://<Hub Okta URL>/sso/idps/<IdP ID>?fromURI=<Target Application Embed Link>`
  - Replace `<Hub Okta URL>` with the domain of the Hub (Target) Okta tenant (for example, `https://example-hub.okta.com`).
  - Replace `<IdP ID>` with the Identity Provider (IdP) ID from the Hub OIDC IdP configuration.
  - Replace `<Target Application Embed Link>` with the Embed Link of the target application in the Hub.
- In the Spoke (Source) Okta tenant, go to the Bookmark App configuration.
- Paste the complete URL into the URL field.
- Save the changes.
- Test the connection to ensure the URL calls the Hub, redirects to the Spoke to validate the session, and successfully accesses the target application.
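
An added example (not part of the original article and not Okta's code) that assembles the bookmark URL in the format above and checks an existing one against it. The function names, the alphanumeric IdP ID check, the same-host check on the embed link and the escaping of `fromURI` are assumptions; the sample values are constructed.

```python
import re
from urllib.parse import parse_qs, quote, urlsplit

IDP_ID_RE = re.compile(r"^[A-Za-z0-9]+$")  # assumption: IdP IDs are plain alphanumerics


def hub_host(hub):
    """Accept 'example-hub.okta.com' or 'https://example-hub.okta.com'; return the bare host."""
    parts = urlsplit(hub if "://" in hub else "https://" + hub)
    if parts.scheme != "https" or not parts.hostname or parts.path.strip("/") or parts.query:
        raise ValueError(f"Hub Okta URL must be an https origin, got {hub!r}")
    return parts.hostname.lower()


def build_bookmark_url(hub, idp_id, embed_link):
    """Return https://<Hub Okta URL>/sso/idps/<IdP ID>?fromURI=<Target Application Embed Link>."""
    host = hub_host(hub)  # normalising here avoids a doubled 'https://https://' prefix
    if not IDP_ID_RE.match(idp_id):
        raise ValueError(f"IdP ID looks wrong or is still a placeholder: {idp_id!r}")
    target = urlsplit(embed_link)
    # The embed link belongs to an app in the Hub, so it must stay on the Hub host;
    # this also keeps fromURI from pointing at an unintended site.
    if target.scheme != "https" or (target.hostname or "").lower() != host:
        raise ValueError(f"Embed link must be an https URL on {host}")
    # Assumption: keep ':' and '/' as in the article's format and escape anything
    # ('?', '&', '#', spaces) that would otherwise split the outer query string.
    return f"https://{host}/sso/idps/{idp_id}?fromURI={quote(embed_link, safe=':/')}"


def check_bookmark_url(url, hub):
    """List the ways an existing bookmark URL deviates from the required format."""
    parts, problems = urlsplit(url), []
    if parts.scheme != "https" or (parts.hostname or "").lower() != hub_host(hub):
        problems.append("does not call the Hub tenant over https")
    if not re.fullmatch(r"/sso/idps/[A-Za-z0-9]+", parts.path):
        problems.append("path is not /sso/idps/<IdP ID>")
    if not parse_qs(parts.query).get("fromURI"):
        problems.append("fromURI is missing")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real tenant data.
    hub, idp = "https://example-hub.okta.com", "0oaCONSTRUCTEDIDP001"
    embed = "https://example-hub.okta.com/home/example_app/0oaCONSTRUCTEDAPP01/alnCONSTRUCTED01"
    print(build_bookmark_url(hub, idp, embed))
```

An empty list from `check_bookmark_url` means the URL matches the format; the final test step in the Spoke dashboard is still needed to confirm the redirect chain works.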
