Redirect unauthenticated users to a custom login page

Deprecation notice: This feature is being deprecated from Classic Engine. However, it remains supported for customers already using it in Identity Engine. For questions or concerns, contact your Customer Success Manager (CSM) or Okta Support.

If unauthenticated users attempt to access an Okta-managed application outside of Okta, you can redirect them to a default or custom login page.

1. In the Admin Console, go to Applications > Applications.

2. Select the app integration where you want to add the redirect.
3. Click the General tab.
4. Click Edit in the App Embed Link section.
5. Select one of the following in the Application Login Page section:
   • Use the default organization login page: This is the default setting. Unauthenticated users are redirected to your Okta sign-in page.
   • Use a custom login page for this application: If you select this option, enter the custom Login page URL. Okta will append the relay state using a query parameter called fromURL.

     Your external application must be configured to use a GET binding when validating the response. POST bindings are not supported.

     The redirect URL to your custom login page is url-encoded and will look similar to the following:

     https://login.example.com?fromURI=https%3A%2F%2Fexample.okta.com%2Fhome%2Fsalesforce%2F0oa1i6eFhPeRNeI7Y0g4%2F24

6. Click Save.