Application integration Frequently Asked Questions
Access Gateway application integration frequently asked questions and best practices.
Question: After adding an app using the Access Gateway Console UI, I made a change to the app in my Okta tenant. Specifically, I modified the attributes being sent, and later noticed these changes weren't reflected in Access Gateway. What am I doing wrong?
Answer: You should never modify Access Gateway application attributes in your Okta tenant. All modification should be done using the Access Gateway Admin UI only. Your Okta tenant doesn't push application attribute changes to Access Gateway, and the next time the app is updated in Access Gateway those updates will overwrite any changes made in your Okta tenant. You should never change an applications SAML attributes in your Okta tenant directly.
Question:During initial development and testing, I assigned an application to the Everyone group using the Access Gateway Admin UI console. Can I modify the application group within my Okta tenant?
Answer: Yes, changes made to the group assignments for an application are reflected in the Access Gateway Admin UI console for the affected application.
Question: Are there a set of common configuration changes I can make through the Okta tenant Admin Console?
Answer: Yes, areas which can be modified through your Okta tenant include groups, sign in policy, hiding or displaying the application tile, activating and deactivating the application.
Question: I created a test application using the Access Gateway Admin UI console and deleted it within my Okta tenant. Is there anything else I need to do?
Answer: Applications can be deactivated and deleted within your Okta tenant. The application definition within Access Gateway is NOT deleted. To completely remove an application from within Access Gateway you must delete it using the Access Gateway Admin UI console.
Question: Help! I accidentally deleted an Access Gateway application from within my Okta tenant! Can it be restored?
Answer: Yes! Access Gateway applications can be recreated within your Okta tenant by simply opening the application for edit. If the application was removed from your Okta tenant you will be asked if you wish to recreate it, answer yes. The application will then be recreated within your tenant. Keep in mind that previous change made on using the Okta Admin console , such as adding, deleting or modifying group assignments, must be reconfigured against to what is effectively a new application.
Question: Can I call out to a third party system and manipulate data before Okta passes the data to Access Gateway?
Answer : Yes, there are a several ways to do this. You could configure an Okta SAML Hook to change data, but if the app is updated in the Access Gateway, the hook information will be lost. You can also use Universal Directory to store the modified data in a custom attribute in the Okta user profile.
A third option is to use Access Gateway data stores to connect to either anLDAP or SQL database. You can then use that data store to add additional application data.
Question: I want to completely delete anAccess Gateway app how do i do that?
Answer: To completely delete an app, first delete it from Access Gateway using the Access Gateway Admin UI. Then, within your Okta tenant, disable the app, and delete the app.