
servicea.28287 (Customer) asked a question.
Hello there, people.
My requirement is that I am an Okta admin in our orgs, which also have other admins. So we have two orgs, each with its own three environments (UAT, Staging, Production). As an administrator, I currently have six different passwords for each domain, so I'd like to achieve a single sign-on for this. When an administrator logs in, he should be asked which domain he wants to access, and only one password should be used for all six domains. So, could we use an External IDP to get this functionality? I've looked over the documentation but still can't obtain a clear image. Please assist.

Hello @servicea.28287 (Customer), thank you for reaching out to our community.
This can be done through Inbound SAML and an external IDP. There are 2 ways to do this: either through a Custom SAML app and IDP, or through Org2Org SAML and an external IDP.
You would need to create the SAML application in your main Okta tenant and the IDP in the target Org. Please see the required documentation below:
https://help.okta.com/en/prod/Content/Topics/Apps/Apps_App_Integration_Wizard_SAML.htm
https://saml-doc.okta.com/SAML_Docs/Configure-SAML-2.0-for-Org2Org.html
https://help.okta.com/en/prod/Content/Topics/Security/idp-inbound-saml-workflow.htm
Hope this helps!