Admin-MattM.11539 (Customer) asked a question.
Exempt a specific app from IWA?
Has anyone found a way to have a specific site bypass IWA and force it to use the forms based login page? We have a specific app we use that is subject to industry regulations that makes it not suitable for Integrated Windows Authentication.
The article https://support.okta.com/help/blogdetail?id=a672A000000XZyEQAW&_ga=2.35588321.1104916795.1564432074-1498102661.1530103495 describes a way of doing this at the client-level using IIS ARR, but we would need it at the app (referring URL?) level. I'm not familiar enough with ARR to know if this is adaptable.
Has anyone encountered this scenario and solved it?
Thank you for posting on our Community Page.
You don't necessarily need to use a rewrite rule (https://support.okta.com/help/s/article/Common-Desktop-SSO-URL-Rewrite-Rules) or IIS ARR; what you can do is to use the Reroute Rules (Security -> Identity Providers -> Routing Rules) and set up a rule to dictate that all users that are trying to access Okta via that specific app to log into Okta directly (basically, bypassing Okta).
Thank you,
Paul Auer
Technical Support Engineer | Okta