Okta Browser Plugin
The Okta Browser Plugin enables automatic single sign-on (SSO) for app integrations that require end user credentials. For example, applications that don't support SAML, or a direct form POST to a URL.
You can set up the Okta Browser Plugin for your own admin account and also configure it for the users in your org.
How the Okta Browser Plugin works
When you launch an app integration from the Okta End-User Dashboard, a new browser tab opens, pointing to the URL configured for that application. The Okta Browser Plugin uses an encrypted SSL connection to obtain authentication and other required information from Okta and passes that information to the application. The browser doesn't store credentials after authentication is complete.
To enhance security, the Okta Browser Plugin only works with trusted and verified sites.
If you haven't installed the Okta Browser Plugin but app integrations on your Okta End-User Dashboard require it, a notification is displayed on the dashboard along with an installation link.
Okta Browser Plugin only supports applications that are authenticated through Secure Web Authentication (SWA) for single sign-on. It doesn't support applications that use federated authentication standards for SSO such as SAML or OIDC.
What you can do with the Okta Browser Plugin
- Automatically sign in to apps
- If you go to the sign-in page of an Okta-enabled SWA app, the Okta Browser Plugin automatically inserts your password credentials.
- Okta recommends that you enable this option for all your trusted SWA apps. This feature is a per-app setting and must be enabled individually for each app.
- Automatically initiate an Okta sign-in event
- If you aren't signed in to Okta and go directly to an Okta-enabled app, a pop-up banner appears with a Sign in button. On the pop-up banner, you can sign in to your Okta account and then sign in to the app without having to go to the Okta End-User Dashboard.
- Automatically fill in credentials on sign-in pages
- If you navigate directly to the sign-in page of an Okta-enabled SWA app, but you chose not to enable automatic app sign-in, the pop-up banner provides an option to auto-fill your credentials.
- Automatically insert passwords on password-update pages
- If you're on a password-update page of an Okta-enabled SWA app, the pop-up banner can automatically insert your current password.
- Generate a strong password
- When creating or changing passwords for your SWA-based applications, Okta Browser Plugin auto-generates a strong password that users can use. This password is automatically saved to your Okta account.
- Update passwords
- When you change your password in an Okta-enabled SWA app, the Okta Browser Plugin offers the option to update Okta with your new password.
- Quickly jump to Admin Console
- After you sign in to the Okta End-User Dashboard, you can launch the Admin Console from a link in My Apps.
- Switch between multiple Okta accounts
- You're prompted to trust or reject subsequent Okta accounts the first time you access them. Over time, you can create an easily accessible list of Okta accounts through the Okta Browser Plugin icon.
- Prevent web browsers from saving sign-in credentials
- You can prevent web browsers from saving sign-in credentials for Okta and for third-party apps that you access through the Okta End-User Dashboard.
- Create passwords upon sign-up with a new service
- This is an Early Access feature. To enable it, contact Okta Support.
- You can use the plugin to create passwords for apps when you create an account. After you've added your app to the Okta End-User Dashboard, you can use the app settings panel to modify the sign-in URL for your app.
- See View the app settings page.
Install the Okta Browser Plugin
Configure the Okta Browser Plugin for your org
Configuring the Okta Browser Plugin for the users in your org ensures enhanced security for all app integrations launched through the plugin.