
KarthikP.51024 (Customer) asked a question.
We are integrating SAML app with okta. This app needs FirstLogin attribute from okta in SAML Assertion. If FirstLogin is yes, they show NDA page for user to agree. Once user firstlogin is completed, Okta should send FirstLogin attribute as no in subsequent logins to this app.
How do I achieve this? I am planning to use SAML inline hooks that checks okta syslogs for login events for this app. The custom endpoint will check if user is accessing for first time and pass firstlogin as yes, otherwise no. Is this correct approach? Are there any other solutions with least customization?
Any insight is highly appreciated

It is possible to achieve this via a custom login page and making use of an attribute however this would depend on how the accounts are created to ensure that the attribute exists. If the user uses and logs in via self service this may not be the best option.
You could use a workflow to set the attribute as described above but I would recommend opening a support ticket to further discuss as the solution may be a combination of the two since the NDA may need to be added to the custom login page mentioned above.
Best Regards,
Dan
NDA popup is only required for target app protected by Okta. Like custom attribute in Okta should have FirstLogin value as true. App will read this value and show NDA page. Now Okta should set the value to false since the user is logged in for first time.