Simulate an IdP-initiated flow with the Bookmark App

A service provider-initiated (SP-initiated) flow occurs when an end user attempts to sign in to an external application directly on that application's sign-in website. For example, http://account.box.com/login is the sign-in location for the Box cloud application.

Some external applications only support an SP-initiated flow. However, you can use the Bookmark App integration to simulate an Identity Provider-initiated (IdP-initiated) flow to preserve the Okta user experience.

You can customize the Bookmark App integration to display the logo of the external application.

The Bookmark App integration doesn't support provisioning features.

Task 1 - Configure the external application integration

  1. Add an Okta app integration for the external application with an SP-initiated flow. Select from one of the thousands of OIN applications or create a custom app integration using the App Integration Wizard. See Add existing app integrations or Create custom app integrations. This app integration serves as the back-end connection between Okta and the SP; however, it creates an application icon that you must hide from the end user.
  2. To hide the application icon, enable both options in the Application visibility section when you add or create the app integration:

    This image shows the application visibility options.
    You can also change this visibility setting after you've added the app integration. In the General settings tab for the app integration, click Edit in the App Settings pane.

Task 2 - Configure the Bookmark App integration

Add an Okta Bookmark App integration to display the external application to the end user.

  1. In the Admin Console, go to ApplicationsApplications.

  2. Click Browse App Catalog.
  3. In the Search... field, enter Bookmark App. Click the Bookmark App integration.
  4. Click Add to create a Bookmark App instance.
  5. In the General Settings for the Bookmark App, enter the name of the external application and the URL for your domain at the external site. For example, https://atko.account.box.com/login, where atko is the domain of your account.
  6. This is the application icon that end users see, so clear both Application Visibility checkboxes:

    Image that shows the application label and URL fields that must be populated.

  7. Click Done to create the Bookmark App.
  8. Assign the app integration to the necessary users. See Assign app integrations.

Task 3 - Change the application icon appearance

You can add a custom logo to use as the application icon for your app integration.

A custom logo must meet the following requirements:

  • Image type must be PNG, JPG, or GIF (PNG is best)
  • Image dimensions should be at least 420 pixels by 120 pixels to prevent visual scaling issues
  • Image size must be less than 1 MB
  1. Click the menu icon on the logo tile, and then select Upload new logo.
  2. In the Upload New Logo dialog, click Browse files.... Locate and select the image to use as the application icon and click Open.
  3. Click Apply to set the application icon.

Your end users now have an application icon on their desktop that simulates the Okta IdP-initiated flow into the external application.

Related topics

Assign app integrations

Customize an application logo