Simulate an IdP-initiated flow using the Bookmark App

A service provider-initiated (SP-initiated) flow occurs when an end user attempts to sign in to an external application directly on that application's sign-in website. For example, http://account.box.com/login is the sign-in location for the Box cloud application.

Some external applications only support an SP-initiated flow, but you can use Okta's Bookmark App integration to simulate an Identity Provider-initiated (IdP-initiated) flow to preserve the Okta user experience.

You can customize the Bookmark App integration to display the logo of the external application.

Note

The Bookmark App integration does not support provisioning features.

Task 1 - Configure the external application integration

  1. Add an Okta app integration for the external application with an SP-initiated flow. Select from one of the thousands of OIN applications or create a custom app integration using the App Integration Wizard. See Add existing app integrations or Create custom app integrations. This app integration serves as the back-end connection between Okta and the SP; however, it creates an application icon that you must hide from the end user.
  2. To hide the application icon, enable both options in the Application visibility section when you add or create the app integration:

    This screenshot shows the application visibility options.
    You can also change this visibility setting after you have added the app integration. In the General settings tab for the app integration, click Edit in the App Settings pane.

Task 2 - Configure the Bookmark App integration

Add an Okta Bookmark App integration to display the external application to the end user.

  1. In the Admin Console, go to Applications > Applications.
  2. Click Browse App Catalog.
  3. In the Search... field, enter Bookmark App. Click on the app integration called Bookmark App.
  4. Click Add to create a new Bookmark App instance.
  5. In the General Settings for the Bookmark App, enter the name of the external application and the URL for your domain at the external site. For example, https://atko.account.box.com/login, where atko is the domain of your account.
  6. This is the application icon that end users see, so leave both Application Visibility boxes unchecked:

    Screenshot showing the application label and URL fields that must be populated.

  7. Click Done to create the Bookmark App.
  8. Assign the app integration to the necessary users. See Assign app integrations.

Task 3 - Change the application icon appearance

You can add a custom logo to use as the application icon for your app integration.

A custom logo must meet the following requirements:

  • Image type must be PNG, JPG, or GIF (PNG is recommended)
  • Image dimensions should be at least 420 pixels by 120 pixels to prevent visual scaling issues
  • Image size must be less than 1 MB in size
  1. Click the pencil icon at the top right corner of the star icon to open the Edit Logo dialog:

    Screenshot showing the location of the edit button in the top right of the icon.

  2. In the Edit Logo dialog, click Browse. Locate and select the image to use as the application icon and click Open:

    Screenshot showing the Edit Logo dialog.

  3. Click Update Logo to upload and set the application icon.
  4. Click Close.

Your end users now have an application icon on their desktop that simulates the Okta IdP-initiated flow into the external application.

Related topics

Assign app integrations

Customize an application logo