<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D51Y000084xwZTSAYOkta Classic EngineSingle Sign-OnAnswered2020-04-02T03:00:07.000Z2020-03-17T08:15:04.000Z2020-04-02T03:00:07.000Z
Multi-Tenant Authentication with Tenant-specific IdPs

We are trying to develop SSO authentication system for a suite of our applications that would be used by our customers coming from various companies. We wanted to understand the options to setup multi-tenant authentication where each tenant could bring their own IdPs which our applications can authenticate against.

 

The specific points we want to understand are:

 

  1. How do I isolate one tenant's users & groups from other tenant? It there like a authentication realm or pool that I need to setup?
  2. Can I configure upstream IdPs for a given tenant so that they are redirected to their IdP for login while Okta issues authetication tokens/assertions to downstream applications we build?
  3. Does Okta provide ways to configure tenant-specific URLs which can be used to start the authentication process?
  4. Finally, is there support for multiple upstream IdPs for a given tenant? For example, some of our customers have different IdPs for their users from different regions. Is this supported in Okta?

 


  • Hi there! Apologies for the lack of response to your question. Going forward, we're implementing a new process to ensure that all Discussions receive a response from either another Community member or from the Okta Support team within 7 days of posting. Thank you for your patience while we put this into action!

     

    I know this question is a bit old now, but If you’re still looking for information or help I’d recommend reaching out to the fine folks in the Admin Pro Tips group to see if anyone there can help: https://support.okta.com/help/s/group/0F90Z000000EK23SAG/admin-pro-tips

     

    Thanks 🙂

    Expand Post
This question is closed.
Loading
Multi-Tenant Authentication with Tenant-specific IdPs