The Applications Page

The Applications menu contains options that allow you to assign applications to users individually or for groups. For an overview of these functions, see Applications.

To open the Applications page:

  1. In the Admin Console, click the Applications drop-down menu.
  2. Choose Applications.
  • Top buttons allow you to easily add custom (Create App Integration)or pre-built (Browse App Catalog) app integrations, or assign (Assign Users to Apps) existing app integrations to your end users.
  • The More button reveals the Refresh Application Data function, which works with provisioning to sync roles, profiles, and groups data from configured apps into Okta.
  • Clicking the Active or Inactive tabs under the Status column displays your org's active and inactive apps, respectively.
  • The Action drop-down menu adjacent to each app allows you to easily assign users or groupsor deactivate an active application. After an application is deactivated it is moved to the Inactive tab where you can deleteit from your Okta org.

When setting up or maintaining users, you can assign the applications you want to display on your end users' My Applications or home page. You can assign apps individually or for groups.

Assign individual applications:

There are two ways to assign individual apps.

Applications page

  1. From the Applications page, search or scroll down to the application you want to assign to one or more people/groups.
  2. Click the Action button drop-down menu.
  3. Choose Assign to Users or Assign to Groups.

Specific app

  1. From the Applications page, search or scroll down to the app you want to assign to one or more people/groups.
  2. Click the individual app to view its page.
  3. On the app specific page, select the Assignments tab.
  4. Click Assign.
  5. Choose either Assign to People or Assign to Groups. An Assign <app name> to People /Assign <app name> to Groups dialog appears listing available end users or groups who are not already assigned to the selected app.
  6. Click the Assign button next to each user or group for which you want this app assigned. For users, complete the Attributes page.
  7. Assign more users/groups, or click Done.

Assign applications for people and groups

  1. From the Applications page, click Assign Users to App.

    The Assign Applications page appears. On the left of this screen is a list of available Applications. On the right of the screen, there is a list of People in your org.

  2. From the list of available Applications, select the application(s) that you want to assign to users. Selecting the checkbox at the top of the list selects all listed applications
  3. From the list of People in your org, select the users to whom you want to assign the selected application(s). Selecting the checkbox at the top of the list assigns the applications to all users.

    To assign to group(s):

    (a) Select Search by group in the drop-down menu next to the People search field.

    (b) Enter the name of the group, then select the users.

  4. Click Next.
  5. Review the summary page and complete any additional information requested on the page.
  6. Click Confirm Assignments.

Manage assignments for an app

An enhanced app assignment screen is available that shows people and groups on the same screen with a toggle. From the Applications page, select an app and then click Assignments.

Note

If you enable provisioning for an app that already has users assigned to it, Okta will not automatically provision the app to these existing users. These non-provisioned users are distinguished with a warning symbol. Click Provision Users to provision these users to the downstream app.

  • To filter the display between Groups and Users, use the toggle buttons in the Filters column. Only users and groups to whom the app is already assigned are displayed.
  • To assign the app to new users or groups, click the Assign button and select either Assign to People or Assign to Groups. Then, click Assign as desired from the list that appears.
  • This screen displays an error message if an assignment cannot be completed. To edit an assignment, click the pencil icon next to the name. To delete an assignment, click the X icon.

Custom attribute handling

Any custom attributes that are set up for an app contain a default mapping. You can override the default mapping for an individual by adding a value for the attribute or reset the custom value to the default value automatically.

Example: For an app, you can set up a custom variable Nickname that is mapped by default to the Firstname field. For a user assigned to an app, you can enter a nickname and, if desired, reset the nickname to the default value.

Prerequisites: The custom variable must already be set up. See Add custom attributes to apps, directories, and identity providers.

To set the custom value, assign the individual to the app or edit an assigned user. In the edit panel, all custom variables appear but no value is displayed.

  • To keep the default value, no action is necessary.
  • To add a custom value, enter the value and click Save.
  • To reset a custom value to the default value, click the reset icon below the value. The calculated default value for that user displays. When done, click Save.

You can convert the application access and user properties settings so that applications are managed and assigned through a group instead of individuals.

Converting assignments has the following effects:

  • User properties are managed by the group. Changes at the group level are applied to all users managed by the group.
  • Application access is managed by the group. Removing an application from the group removes the app from the user.

You can determine whether a user's application assignment is individually or group-managed by selecting the user on the People page. The assignment displays as Individual or shows the group name.

Prerequisites: You must have assigned the application to an existing group before you can convert any individual assignments.

To convert application assignments from individual to group, do the following:

  1. From the Admin Console select Applications.
  2. From the list of apps, find the app you wish to convert.
  3. Select the Assignments tab.
  4. Click Convert Assignments.
  5. Select the desired users and then click Convert Selected or, to convert all your users, click Convert All.
  6. Click Yes to confirm the change.

    A confirmation message appears that provides the total number of converted users.

To embed an Okta-managed application in a portal or other external location by obtaining the embed link:

  1. Click the Action button drop-down menu adjacent to the desired app. Choose Copy embed link to clipboard.
  2. The embed link URL is automatically copied. Paste it into your portal or other external location outside of Okta.

You can now sign into this app outside of Okta. To stop displaying the embed links, click Hide app embed links.

Note: Alternatively, you can obtain an embed link by selecting an application, selecting its General tab, and copying the URL provided in the Application Embed Link section.

If unauthenticated users attempt to access an Okta-managed application outside of Okta, you can redirect them to a default or custom login page.

  1. From the Applications page click an application.
  2. Click the General tab.
  3. Click Edit in the App Embed Link section.
  4. Select one of the following in the Application Login Page section:
    • Use the default organization login page – This is the default setting. Unauthenticated users are redirected to the Okta login page.
    • Use a custom login page for this application – If you select this option, enter the URL to the custom login page. Okta will append the relay state through a query parameter called fromURI.

      Note: Your Service Provider must be configured to use a GET binding when validating the response. POST bindings are not supported.

      The redirect URL to your custom login page will be url-encoded and look similar to this:

      https://login.example.com?fromURI=https%3A%2F%2Fexample.okta.com%2Fhome%2Fsalesforce%2F0oa1i6eFhPeRNeI7Y0g4%2F24

  5. Click Save.

If end users attempt to access an app to which they are not assigned, you can configure Okta to automatically redirect them to Okta's default URL or a custom URL that you provide. Unassigned users are more likely to try to access apps if you embed app links in your portal or other sites outside of Okta.

  1. From the Applications page click an application.
  2. Click the General tab.
  3. Click Edit in the App Embed Link section.
  4. Select one of the following in the Application Access Error Page section:
    • Use the error setting on the global settings page – Select this option if you want to redirect unassigned users to the same default URL specified in the org-level (global) setting (Settings > Customization > Configure an Application Access error page).
    • Use a custom error page for this application – Select this option if you want to redirect unassigned users of this app to a custom URL that you provide. This app-specific option overrides the default org-level setting described in the previous bullet.
  5. Click Save.

You can add notes to apps during app creation or at any time to communicate with end users and other admins about apps. In addition to enhancing app deployment and usage, app notes can also reduce help desk calls, provide troubleshooting assistance, and increase end-user self service.

App notes facilitate the following types of communications:

  • Application notes to end users – Allows admins to present helpful information to end users, such as the purpose of the app, who to contact for help, and links to information.
  • Application notes to admins – Allows admins to share administrative details about apps with other Super, App, Read-only, and Mobile admins.
  1. Go to Applications.
  2. Click the app in which you want to add app notes.
  3. Click the General tab.
  4. Enter notes in the app note fields for end users and/or admins. If an app contains app notes for end users, an icon appears below the app chiclet on end user dashboards and an App Notes tab appears in app settings.
  5. Click Save.

Note

  • Notes cannot exceed 250 characters, including spaces.
  • To enter a link or an email address, simply type it in the field. These are converted to links in the admin-to-end user app note after you save it. Supported link protocols are http, https, and ftp.
  • Admin-to-admin app notes are visible only to Super, App, Read-only, and Mobile admins.
  • HTML tags are not supported.
  • Custom OIDC apps are not supported.

You can customize an application logo by replacing it with your own image. The custom logo must meet the following requirements:

  • Image type must be PNG, JPG, or GIF format
  • Image size must be smaller than 1 MB in size
  • For best results, use a PNG image with a transparent background, a landscape orientation, and use a minimum resolution of 420 x 120 pixels to prevent upscaling.
  1. From the Dashboard, select Applications.
  2. Locate and click the app whose logo you want to customize.
  3. Mouse over the app's current logo, then click the pencil icon.
  4. In the Edit Logo dialog box, click Browse to find the custom logo file, and then click Update Logo.
  5. Click Close. The updated logo is visible to all users who have been assigned this app.

To revert to the original image, follow the same steps to access the Edit Logo dialog box, and then click Reset logo.