Configure Okta as an application source in Workspace ONE Access.

This is a one-time, initial configuration task.


You have configured Workspace ONE Access as an identity provider in Okta. See Configure Workspace ONE Access as an Identity Provider in Okta.


  1. In the Workspace ONE Access console, select Resources > Web Apps.
  2. Click the Settings button.
  3. Click Application Sources in the left pane.
  4. Click OKTA.

    add okta app source

  5. In the OKTA Application Source wizard Definition page, enter a description if needed, then click Next.
  6. In the Configuration page:
    1. For Configuration, select URL/XML.
    2. In the URL/XML text box, copy and paste the SP metadata that you downloaded from Okta in Add Identity Provider in Okta.

      add okta app source

  7. If you plan to configure device trust for iOS and Android mobile devices, click Advanced Properties and set the following options to Yes:
    Option Description
    Device SSO Response Send device posture information in the SAML response to Okta after the user is authenticated.
    Enable Force Authn Request Enable Force Authn request. The service provider can send the forceAuthn=true flag in the SAML request, which forces the user to be reauthenticated.
    Enable Authentication Failure Notification Receive SAML response error messages when authentication fails.
    Note: These properties are mandatory for the device trust solution for iOS and Android devices.
  8. Click Next.
  9. In the Access Policies page, select the default access policy set.
    Authentication requests from Okta applications will be authenticated using this policy set.
  10. Click Next, review your selections, and click Save.
  11. Click the OKTA Application Source again.
  12. In the Configuration page, modify the Username Value to match the value that Okta is matching against, such as Okta Username.

    add okta app source

  13. Save your changes.

What to do next

Assign the Okta application source to users.