
btlmr (btlmr) asked a question.
We are currently attempting to set up single sign-on (SSO) for two SharePoint 2019 sites located within the same farm. Each site has its own access group, and we have already created two Okta SharePoint apps for this purpose. However, we encountered an issue while creating the SPTrustedIdentityTokenIssuer for the second SharePoint site. The error message displayed was "New-SPTrustedIdentityTokenIssuer: The trusted provider certificate already exists."
We would like to know if it is possible to configure Okta SSO for multiple SharePoint sites within a farm that have separate access groups.

Hi @btlmr (btlmr), thank you for reaching out to the Okta Community!
I’ve reviewed the available documentation and the use case described by you is not explicitly documented.
https://help.okta.com/oie/en-us/content/topics/deploymentguides/sharepoint/guide/deploy-sharepoint.htm
https://help.okta.com/oie/en-us/content/topics/deploymentguides/sharepoint/guide/deploy-scenes.htm
I’ve also checked internal resources to see if we had any similar reports, but found none.
Under the app set-up instructions, I see there is mention of leveraging a specific PowerShell script to “create an Okta Trusted Token Issuer” but nothing about a use case for multiple sites.
As of now, I would say this is not a supported use case, but we’ll leave this question open for the Community, in case someone else came across this scenario and can provide some additional insight.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!