When Okta is configured as a SAML identity provider in the Workspace ONE Access console, you enter Okta Authentication as the authentication method to associate with this identity provider. You can also customize the sign-in experience in Workspace ONE Access to use the Okta Custom Login Screen authentication method and create a custom sign-in screen.
Prerequisites
- Verify that Okta is configured as a third-party application source and Okta applications are added to the Workspace ONE catalog. See Integrating VMware Workspace ONE with Okta documentation.
- Verify that an Okta OAuth 2.0 client service is created. See the Okta documentation about how to create the OAuth 2.0 service and add a client ID and client secret.
- Obtain the Okta tenant URL and client identifier number.
- Know the login redirect URL to register with Workspace ONE Access.
- Know the URLs for the logo and background color for the sign-in screen, if you are customizing the page.
Procedure
- In the Workspace ONE Access console page, select Okta Custom Login Screen.
- Click CONFIGURE and configure the Okta custom login setting.
- Select the Enabled check box.
- Configure the following.
| Option | Description |
|---|---|
| Enable | Select to enable login with the Okta widget. |
| URL | Enter the URL of the Okta tenant. For example, https://mytenant.okta.com. |
| Client Identifier | Enter the client ID that is used in the Okta sign-in widget for authentication. |
| Logo URL | Enter the URL web address of your logo image file. For example, https://logo.mycompany/images/tools/logo_lv1.png |
| Background URL | Enter the URL web address of the background image file to use. For example, http://www.imagelocation.com/background/pattern/background-pattern-005.jpg. |
| Redirection URL | Enter the URL that is provided when the OAuth Client was created. This redirection URL is used when authenticating users to match against the client's redirection URL. |
- Click SAVE.
Example: Customized Okta Sign-In Screen
![Customized Okta Sign-In screen](images/GUID-9A06882D-8865-4A6B-B49A-51B2C889004C-low.png)
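The following pre-flight check for the values entered in the table above is an added example, not part of the VMware or Okta documentation. It flags image or tenant URLs that are not HTTPS and a Redirection URL that does not match a redirect URI registered on the Okta OAuth client. The function name, the client ID, the `access.example.com` host, and the exact string comparison are assumptions made for illustration.

```python
from urllib.parse import urlsplit

URL_FIELDS = ("URL", "Logo URL", "Background URL", "Redirection URL")
HTTP_FINDING = "served over plain HTTP"
REDIRECT_FINDING = "does not exactly match a redirect URI registered on the OAuth client"

def check_okta_login_settings(settings, registered_redirects):
    """Return (field, problem) findings for the Okta Custom Login Screen form."""
    findings = []
    for field in URL_FIELDS:
        value = settings.get(field, "").strip()
        if not value:
            findings.append((field, "missing"))
            continue
        parts = urlsplit(value)
        if not parts.scheme or not parts.hostname:
            findings.append((field, "not an absolute URL"))
        elif parts.scheme != "https":
            # Content fetched over HTTP can be altered in transit before it
            # is rendered on the sign-in screen.
            findings.append((field, HTTP_FINDING))
    if not settings.get("Client Identifier", "").strip():
        findings.append(("Client Identifier", "missing"))
    # Assumption: redirect URIs are compared as exact strings, so a trailing
    # slash or a different path counts as a mismatch.
    redirect = settings.get("Redirection URL", "").strip()
    if redirect and redirect not in registered_redirects:
        findings.append(("Redirection URL", REDIRECT_FINDING))
    return findings

# Constructed sample: the tenant, logo and background URLs are the page's own
# examples; the client ID and redirect URLs are hypothetical placeholders.
SAMPLE_SETTINGS = {
    "URL": "https://mytenant.okta.com",
    "Client Identifier": "0oaEXAMPLECLIENTID",
    "Logo URL": "https://logo.mycompany/images/tools/logo_lv1.png",
    "Background URL": "http://www.imagelocation.com/background/pattern/background-pattern-005.jpg",
    "Redirection URL": "https://access.example.com/callback",
}
# Hypothetical value copied from the OAuth client; note the trailing slash.
SAMPLE_REGISTERED = ["https://access.example.com/callback/"]

if __name__ == "__main__":
    for field, problem in check_okta_login_settings(SAMPLE_SETTINGS, SAMPLE_REGISTERED):
        print(f"{field}: {problem}")
```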
What to do next
- Associate the Okta Custom Login Screen authentication method in the built-in identity provider. See Complete Creating the New Identity Provider in Workspace ONE Access documentation.
- After the Okta Custom Login Screen authentication method is associated with the built-in identity provider, create an access policy rule to use this authentication method. See Add Okta Authentication Method to Access Policies in Workspace ONE Access documentation.