This article provides instructions on how to customize the default Access Denied error message. This message appears in the Okta Sign-In Widget when a user is denied access to an application.
- Customization
- Sign-In Widget
- Okta Identity Engine (OIE)
Follow these steps to configure and test a custom access denied error message:
-
In the Admin Console, go to Customizations > Other.
-
In the Access denied error message section, click Edit.
-
Enter the desired custom error message in the field provided. It is also possible to add a help link with custom text and a URL.
-
Click Save.
-
Test the customization by attempting an action that triggers an access denied scenario, such as failing an authentication policy rule. Use the application Embed Link URL or the Service Provider (SP)-initiated login flow for testing.
NOTE: In Okta Classic Engine, the option to redirect unassigned users by configuring a custom error page URL is not supported for custom OpenID Connect (OIDC) applications. This redirect feature is primarily intended for Okta Integration Network (OIN) applications and does not apply to custom OIDC applications. As a result, users are denied access to a custom OIDC app due to sign-on policy restrictions, see the default error message, and the custom redirect URL is not triggered.
