<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008Zgl82SABOkta Classic EngineSingle Sign-OnAnswered2018-11-10T00:27:34.000Z2018-11-08T18:31:34.000Z2018-11-10T00:27:34.000Z

ChristopherZ.72522 (Customer) asked a question.

Edited November 8, 2018 at 6:55 PM
Okta as SAML SP use cases

As per https://support.okta.com/help/s/article/40561903-Configuring-Inbound-SAML?_ga=2.50625516.431168300.1541700713-1254996938.1541700713

 

  • Your users can SSO into apps without needing an Okta password.
  • You do not need to set up an Active Directory (AD) agent.
  • You can connect to a partner.
  • You can federate with another IdP.

 

I only get the last point, which is IDP chaining. In this case Okta is both a SP to an upstream IDP and an IDP to a downstream SP.

 

As I understand, Okta is not a proxy, and therefore does not proxy traffic to an app. When it gets the SAML assertion from an IDP, what does it do with it?

 

App traffic will not go through Okta. Is this correct?

 

  • 1 answer
  • 1.26K views

  • andrei.marcu1.5293353142357188E12 (Vendor Management)

    Hello,

     

    This is Andrei from Okta support.

    Related to the question we will just go ahead pass the SAML assertion from the IDP to the SP.

    Also the app traffic will not go through Okta.

    If you will require more information you can go ahead and open a support case as well.

     

    Thank you ,

    Andrei

    Expand Post
This question is closed.
Loading
Okta as SAML SP use cases