Create a SWA integration using AIW

A SWA integration provides Single Sign-On (SSO) for applications that don't support proprietary federated sign-on methods. SWA works with any web-based application.

Before you begin

Ensure that you add Okta to your browser's allow list for 3rd-party cookies to prevent errors in your integrations. See Allow third-party cookies for detailed instructions.

Task 1: Launch the Wizard

  1. In the Admin Console, go to Applications > Applications.
  2. Click Add Application.
  3. Click Create New App.
  4. To create a SWA integration, select Web as the Platform and Secure Web Authentication (SWA) for the Sign on method.
  5. Click Create.

Task 1: Launch the Wizard (new entry path)

This is an Early Access feature. To enable it, contact Okta Support.

  1. In the Admin Console, go to Applications >Applications.
  2. Click Create App Integration.
  3. To create a SAML integration, select SWA - Secure Web Authentication as the Sign-on method.
  4. Click Next.

Task 2: Configure general app settings

The SWA App Wizard has two sections:

  1. General Settings:
    • App name — Specify a name for your integration.


      The name can only consist of UTF-8, 3-byte characters.

    • App's login page URL — Enter the full URL of the sign-in page for your SWA application. This URL may be different from the landing page.
    • Advanced Settings/Redirect URL — Click the Show Advanced Settings link to show the Redirect URL field. This additional field allows you to specify a redirect URL for your application.
    • Optional. App logo — Add a logo to accompany your integration in the Okta org. The logo file must be PNG, JPG, or GIF format and be smaller than 1 MB in size. For best results, use a PNG image with a transparent background and a landscape orientation. Use a minimum resolution of 420 x 120 pixels to prevent upscaling.
    • App visibility — Choose whether to hide your integration from your end-users' homepage. Choose whether to hide your integration from the Okta Mobile Apps Store on your end-users devices.
    • App type — If your company created the integration and it is not intended for public use, select This is an internal application that we created.
  2. Configure how your users sign in:
    • Who sets the credentials? — Choose who sets the initial password and username credentials: your end users or your org administrator.
    • Application username — Choose the format for the default username value when assigning the integration to end users.
    • Update application username on — At what point is the username updated in the integration.
  3. Click Finish.

Next steps