This article explains why the Application Context is not being sent to an external identity provider (IdP).
Applies to:
- Inbound Security Assertion Markup Language (SAML)
- Application Context
The Application Context is not sent when the Send Application Context to an External IdP feature is not enabled, or when the Send Okta application context checkbox is not selected for the IdP.
To resolve this, enable the appropriate feature or configuration option in the Okta Admin Console so that the Application Context is included in the authentication request sent to the external IdP.
Ensure that the following feature is enabled:
- Log in to the Okta Admin Console.
- Navigate to Settings > Features.
- Locate the Send Application Context to an External IdP feature.
- Click the toggle or checkbox to enable the feature.
Ensure the configuration option is enabled:
- Log in to the Okta Admin Console.
- Navigate to Security > Identity Providers > [Desired IdP] > Actions > Configure Identity Provider.
- Select Edit.
- Select the Send Okta application context checkbox under SAML Protocol Settings > Application context.
