Okta Classic Engine · Single Sign-On · Answered · 2024-06-18T10:34:16.000Z · 2024-06-21T15:35:07.000Z
Sign in with Okta

We want to allow users to sign in to our app using the enterprise credentials with which they access other applications that are integrated with their Okta account. The flow we want is: we give the user a button on our SaaS application which redirects them to Okta; Okta asks the user for email, password, etc. and returns an access token to our server, with which we can sign in the user.

I created an application integration inside Okta dev using OpenID. I was able to make the SSO work, but the issue is that the integration is limited to my organization only (the one which I created for the dev account).

Now I want to make it open to other organizations that are using Okta so that they can also sign in to our app, but when I configured the IdP as per the documentation and set the routing rules, the challenge/answer API is giving 401. Can anyone tell me if it is possible to achieve this? If yes, then what else should I do?

I found out about the Okta Integration Network. If we submit our app to OIN, will that allow us to achieve the same functionality?


  • Hi @User17187025747293052032 (Customer), thank you for reaching out to the Okta Community!

    You are probably looking for this type of solution:

    https://developer.okta.com/docs/concepts/multi-tenancy/

    Otherwise, if you are looking to make your app public and available in the Okta Integration Network catalog of apps that the public can add to their org you can look into the following:

    https://support.okta.com/help/s/article/okta-application-oin?language=en_US

     

    My advice would be to reach out to the dedicated Okta Developer forum via devforum.okta.com to take advantage of their expertise.

    While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features (non-developer work). 

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

     

    --

    Help others in the community by liking or hitting Select as Best if this response helped you.

    • Hi, I had initially asked the query in the dev forum; there I received a response to raise a support request. I tried it, but it looks like I don't have permission for it, so I asked here. Thanks for the links. I went through them and tried the OIN integration setup. There is one more issue I am facing; it would be really kind if you could help with it.

      I created an app integration for OIN. Currently, I was able to set up an OIDC flow for signing the user in to my application, but I have a query: I need a client ID and secret for completing the flow (I am using python social auth for the integration). For my application, I can get the client ID and secret from the dashboard in Okta dev, but if my application gets published to OIN and some other organization which uses Okta tries to integrate it, how can I get the client ID and secret for them?

      Will it remain the same, or is there any other thing to be done and I am doing something wrong?

      In most of the documentation it is mentioned that I will require this data, but I was unable to find how to get this data for an OIN integration.

      • Once you have the app published in the catalog, other companies can pick it from the list and go through the templated setup flow. As part of the flow, each app instance will automatically generate a client ID and secret to be used, similar to what you see when you set up a custom OIDC app.

         

        Regards.

      • Yes, but how can our backend get the client ID and secret that was generated for the company that used our app from the catalog? We will require that to fetch user data from Okta and sign in to our application.

      • Hi @User17187025747293052032 (Customer),

        Unfortunately, this would be outside of my area of expertise. The developer forum would be the best place to ask.

        I think they initially redirected you to Support assuming you have a paid account with us and the deployment implied Professional Services assistance.

        That being said, you can still ask for generic development advice there.

        Sorry I could not be of more help.

         

        Regards.

This question is closed.
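
Added example (not part of the original thread, and not Okta's or python social auth's code): since each customer org generates its own client ID and secret for its app instance, a multi-tenant backend needs a per-tenant lookup and must pin every login to the org that started it. The sketch assumes each customer admin enters their org URL, client ID and secret in your app's settings (the thread does not say how these reach the backend); the tenant names, `.example` domains and credentials are constructed, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import urlencode

STATE_KEY = secrets.token_bytes(32)  # demo key; keep a persistent secret in real use

@dataclass(frozen=True)
class TenantOIDC:
    issuer: str         # customer's Okta org URL
    client_id: str      # generated in the customer's org for their app instance
    client_secret: str  # used at the token endpoint; store encrypted at rest

# Constructed sample data: what each customer admin entered in our settings page.
TENANTS = {
    "acme": TenantOIDC("https://acme.okta.example", "0oaACMEclient", "acme-secret"),
    "globex": TenantOIDC("https://globex.okta.example", "0oaGLOBEXclient", "globex-secret"),
}

def _sign(tenant: str, nonce: str) -> str:
    return hmac.new(STATE_KEY, f"{tenant}.{nonce}".encode(), hashlib.sha256).hexdigest()

def authorize_url(tenant: str, redirect_uri: str) -> str:
    cfg = TENANTS[tenant]  # KeyError for unknown tenants: never fall back to a default org
    nonce = secrets.token_urlsafe(16)
    state = f"{tenant}.{nonce}.{_sign(tenant, nonce)}"  # binds the login to one tenant
    query = urlencode({"client_id": cfg.client_id, "response_type": "code",
                       "scope": "openid email profile",
                       "redirect_uri": redirect_uri, "state": state})
    # /oauth2/v1/authorize is the Okta org authorization server endpoint.
    return f"{cfg.issuer}/oauth2/v1/authorize?{query}"

def tenant_from_state(state: str) -> TenantOIDC:
    tenant, nonce, mac = state.split(".")  # wrong shape raises ValueError
    if not hmac.compare_digest(mac, _sign(tenant, nonce)):
        raise ValueError("state was not issued by this server")
    return TENANTS[tenant]

def check_claims(cfg: TenantOIDC, claims: dict) -> str:
    """Run on ID-token claims whose signature the OIDC library already verified."""
    if claims.get("iss") != cfg.issuer:
        raise ValueError("token issued by a different org")
    aud = claims.get("aud")
    if cfg.client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("token minted for a different client")
    return claims["sub"]
```

In a deployment the state nonce should also be stored in the user's browser session and compared on the callback, so that the state protects against cross-site request forgery as well as tenant mix-up.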