Configure Okta Identity Provider routing rules for iOS and Android devices for the Workspace ONE-Okta integration. These routing rules work with application sign on policies to redirect authentication requests from iOS and Android devices to Workspace ONE.
Procedure
- Configure the routing rule.
Option Description Rule Name Enter a name for the rule you are creating. IF User's IP is If appropriate for your implementation, you can specify network zones to which the routing rule applies or does not apply. Network zones must be defined already in Okta. AND User's device platform is Select Any of these devices, then select iOS or Android, or both, based on your requirements. AND User is accessing Select Any of the following applications, then enter the applications that you plan to configure with Device Trust app Sign On policy rules in the Okta Admin console. For more information, see Configure App Sign On policy rules in Okta.
AND User matches Select the appropriate option. - Anything
Specifies any user. This is the default option.
- Regex on login
Allows you to enter any valid regular expression based on the user login to use for matching. This is useful when specifying the domain, or if a user attribute is not sufficient for matching. For details, see Identity Provider Discovery.
- Domain list on login
Specify a list of the domains to match. For example, example.com. Do not add the @symbol to the domain name. You can add multiple domains. Note that it is not necessary to escape any characters.
- User attribute
Select an attribute name in the left list, a type of comparison in the Starts with list, and then enter a value that you want to match in the text field on the right.
THEN Use this identity provider Select the Identity Provider you created in Okta for Workspace ONE Access, as described in "Configure Workspace ONE Access as an Identity Provider in Okta". For example:
- Anything
