Configure Okta Identity Provider routing rules for desktop devices for the Workspace ONE-Okta integration. These routing rules work with application sign on policies to redirect authentication requests from desktop devices to Workspace ONE.

Procedure

  1. In the Okta Admin console, navigate to Security > Identity Providers.
  2. Click the Routing Rules tab, then click Add Routing Rule.
  3. Configure the routing rule.
    Option Description
    Rule Name Enter a name for the rule you are creating.
    IF User's IP is If appropriate for your implementation, you can specify network zones to which the routing rule applies or does not apply. Network zones must be defined already in Okta.
    AND User's device platform is Select Any of these devices, then select Windows, macOS, and Other desktop, or some of these options, based on your requirements.
    AND User is accessing Select Any of the following applications, then enter the applications to which you want to apply the routing rule.
    AND User matches Select the appropriate option.
    • Anything

      Specifies any user. This is the default option.

    • Regex on login

      Allows you to enter any valid regular expression based on the user login to use for matching. This is useful when specifying the domain, or if a user attribute is not sufficient for matching. For details, see Identity Provider Discovery.

    • Domain list on login

      Specify a list of the domains to match. For example, example.com. Do not add the @symbol to the domain name. You can add multiple domains. Note that it is not necessary to escape any characters.

    • User attribute

      Select an attribute name in the left list, a type of comparison in the Starts with list, and then enter a value that you want to match in the text field on the right.

    THEN Use this identity provider Select the Identity Provider you created in Okta for VMware Identity Manager, as described in Configure VMware Identity Manager as an Identity Provider in Okta.
    For example:
  4. Click Create Rule.

What to do next

Configure Conditional Access Policies in VMware Identity Manager for Desktop Devices