Okta Browser Plugin

The Okta Browser Plugin enables you to automatically sign into applications that would otherwise require you to manually enter your credentials (e.g., applications that do not support SAMLAn acronym for Security Assertion Markup Language, SAML is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP). The SAML standard addresses issues unique to the single sign-on (SSO) solution, and defines three roles: the end user, the IdP, and the SP. Here's how SAML works through Okta: SP-initiated flow: the end user requests (principally through a browser) a service from the SP. The SP requests and obtains an identity assertion from the IdP (in this case, Okta). On the basis of this assertion, the SP can decide whether or not to authorize or authenticate the service for the end user. IdP-initiated flow: with Okta as the IdP, an end user goes to the Okta browser and clicks on an app, sending a SAMLResponse to the configured SP. A session is established with the SP, and the end user is authenticated. or a direct form POST to a URL). Using the plugin enables you to use SSOAn acronym for single sign-on. In a SSO system, a user logs in once to the system and can access multiple systems without being prompted to sign in for each one. Okta is a cloud-based SSO platform that allows users to enter one name and password to access multiple applications. Users can access all of their web applications, both behind the firewall and in the cloud, with a single sign in. Okta provides a seamless experience across PCs, laptops, tablets, and smartphones. for a broader range of applications.


Jump to a section:

Download Okta Browser Plugin


Browser Download

End users are redirected to the Chrome Store.


End users need to install the Okta Extension AppAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. from the Mac App Store.

Once installed, the app can be found in the Applications folder or opened from the app store. When the app is opened, the user will see a successful installation message in a new window. Click Open Safari in the window to start using the app in Safari.


End users are redirected to the Firefox Browser Add-ons Store.

Internet Explorer

Download directly in the Okta End User Dashboard.

Make sure you've allowed the end users to download the plugin in the dashboard.

See General customization options.

Edge Depending on their browser, end users are redirected to the Legacy Edge Store or Chromium-based Edge Store.

How the Okta Browser Plugin works

When end users start an app from their Okta End User Dashboard, a new browser tab opens to the app's URL. The plugin uses an encrypted SSL connection to obtain authentication information and other required information from Okta, and then applies that information to the page. The plugin does not store their credentials after authentication is complete.

To enhance security, the plugin only works with trusted and verified sites. If end users have not installed the Okta Browser Plugin but have one or more applications on their end-user dashboard that require it, they see a notification on the dashboard along with a link to install the plugin.

See Okta Browser Plugin: Security Features.

The plugin is updated frequently. End users are prompted to install the latest version if necessary.

See Okta Browser Plugin: Version History.

What you can do with the Okta Browser Plugin

The Okta Browser Plugin provides the following functionality:

Automatically sign in to apps

If end users navigate directly to the sign-in page of an Okta-enabled SWAAn acronym for Secure Web Authentication. SWA is a SSO system developed by Okta to provide single sign-on for apps that don't support proprietary federated sign-on methods or SAML. Users can enter their credentials for these apps on their homepage. These credentials are stored such that users can access their apps without entering their credentials each time. When users first sign-in to a SWA app from their homepage, they see a pop-up message asking if they were able to sign-in successfully. app, the Okta plugin automatically inserts their credentials and signs them in without further interaction.

We recommend that you enable this option for all your trusted SWA apps. This feature is a per-app setting and must be enabled individually for each app.

Automatically initiate an Okta sign-in

If end users are not signed into Okta and navigate directly to an application that is Okta-enabled, a pop-up banner appears with a sign-in button. When they attempt to sign in, an Okta window is launched and they can sign into the app without having to navigate to the Okta End User Dashboard.

Automatically fill in credentials on sign-in pages

If end users navigate directly to the sign-in page of an Okta-enabled SWA app, the pop-up banner provides an option to auto-fill their credentials if they have not enabled automatic app sign-in.

Automatically insert passwords on password-update pages

When end users are on a password-update page of an Okta-enabled SWA app, the pop-up banner can automatically insert their current password.

Update passwords

When end users change their password in an Okta-enabled SWA app, the plugin offers them the option to update Okta with their new password.

Quickly jump to Admin Console

For Okta admins, an AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. link is available in the Your Apps dialog when sign in to Okta. The link allows you to jump immediately to the Okta Admin Console.

Switch between multiple Okta accounts

Signed-in end users are prompted to trust or reject subsequent Okta accounts the first time they access those accounts. Over time, end users create an easily accessible list of their Okta accounts through the Okta Browser Plugin icon.

See Switch between Okta accounts using the Okta Browser Plugin.

Prevent web browsers from saving sign-in credentials

You can prevent web browsers such as Chrome from saving your end users' sign-in credentials for Okta as well as for third-party apps that they access through the Okta End User Dashboard.

See Prevent web browsers from saving sign-in credentials.




Do not select the option Never remember history in the Firefox browser, as it makes the Okta Browser Plugin inoperative.


Okta Browser Plugin topics for Admins

Okta Browser Plugin: Version History

Configure your custom end user portals to leverage the Okta Browser Plugin

Allow end-users to quickly access apps

Prevent web browsers from saving sign-in credentials

New Okta End-User experience

Manage Okta Browser Plugin installation and upgrade

Silently install the Okta Browser Plugin: Firefox

Silently install the Okta Browser Plugin: Chrome

Okta Browser Plugin permissions: Chrome

Silently install the Okta Browser Plugin: Internet Explorer

Verify the Okta Browser Plugin is enabled on Internet Explorer

Installing Okta browser plugin 5.x with Internet Explorer

Okta Browser Plugin topics for End Users

Add an app from the Okta Browser Plugin

Switch between Okta accounts using the Okta Browser Plugin

Configure the Okta Browser Plugin (end-user settings)

Keyboard shortcuts for the Okta Browser Plugin