Create the Okta enterprise app in Azure Active Directory

To let Azure Active Directory communicate and exchange data with Okta, you need to create an Okta enterprise app in Azure Active Directory.

Before you begin

  • You need the following to integrate Azure AD with Okta:

    • An Okta instance

    • An Azure Active Directory Premium instance

    • A Microsoft 365 developer account

Start this task

  1. Sign in to the Microsoft Azure portal, click the portal menu icon in the top left, and select Azure Active Directory.
  2. In the right pane, click Enterprise applications under Manage.
  3. On the Enterprise applications screen, click New application.
  4. Click Create your own application.
  5. In the Name field, enter Okta or your preferred name for the application and select Integrate any other application you don't find in the gallery (non-gallery).
  6. Click Create.
  7. Click Single sign-on in the left menu and click SAML.

    If you create the enterprise app in Azure Active Directory before configuring Okta, enter temporary values for Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) so that the certificate can be generated for download. After you have made Azure Active Directory an identity provider in the next section, return here and update the values for Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL).
  8. In the SAML Signing Certificate area, select Download for Certificate (Base64), and download the certificate to your computer.

You'll need the certificate when you make Azure Active Directory an identity provider in Okta.

  9. In the Set up Okta area, record the values in these fields:
    • Login URL

    • Azure AD Identifier

    You'll need these values when you make Azure Active Directory an identity provider in Okta.
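Before carrying the recorded values over to Okta, it is worth confirming they agree with what the tenant actually publishes. The script below is an added example, not part of Okta's documentation: it parses an Azure AD federation metadata document (a constructed sample is embedded; a tenant's live copy is served at the login.microsoftonline.com federation metadata URL named in the comments), extracts the Azure AD Identifier, the Login URL and the signing certificate, and reports any recorded value or downloaded certificate that does not match. The tenant id and certificate bytes are placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata", "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample shaped like Azure AD's federation metadata (a tenant's live copy is served at
# https://login.microsoftonline.com/<tenant-id>/federationmetadata/2007-06/federationmetadata.xml).
# The tenant id and certificate bytes below are placeholders, not real values.
TENANT = "00000000-0000-0000-0000-000000000000"
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-not-a-real-certificate").decode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_CERT_B64}\n-----END CERTIFICATE-----\n"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}" entityID="https://sts.windows.net/{TENANT}/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}">
      <X509Data><X509Certificate>{SAMPLE_CERT_B64}</X509Certificate></X509Data>
    </KeyInfo></KeyDescriptor>
    <SingleSignOnService Binding="{REDIRECT}" Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def pem_to_der(text: str) -> bytes:
    """Accept the portal's 'Certificate (Base64)' download (PEM) or the bare base64 from metadata."""
    body = text.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "")
    return base64.b64decode("".join(body.split()))

def fingerprint(der: bytes) -> str:
    """SHA-256 thumbprint of the DER bytes; compare it with what Okta displays after the upload."""
    return hashlib.sha256(der).hexdigest()

def parse_idp_metadata(xml_text: str) -> dict:
    """Pull out the three values this page has you record: identifier, Login URL, signing cert."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    cert = idp.find("md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    login = next((s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)
                  if s.get("Binding") == REDIRECT), None)
    return {"azure_ad_identifier": root.get("entityID"), "login_url": login,
            "signing_cert_fingerprint": fingerprint(pem_to_der(cert.text))}

def check_against_recorded(recorded: dict, metadata: dict) -> list:
    """Names of recorded values (from the 'Set up Okta' area and the download) that disagree."""
    mismatches = [k for k in ("login_url", "azure_ad_identifier") if recorded.get(k) != metadata[k]]
    if fingerprint(pem_to_der(recorded["certificate"])) != metadata["signing_cert_fingerprint"]:
        mismatches.append("certificate")
    return mismatches
```

An empty list from check_against_recorded means the recorded Login URL, Azure AD Identifier and downloaded certificate all match the published metadata; any name returned points at a value to re-copy before continuing.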

Next steps

Make Azure Active Directory an identity provider