This is an Early AccessEarly Access (EA) features are opt-in features that you can try out in your org by asking Okta Support to enable them. Additionally, the Features page in the Okta Admin Console (Settings > Features) allows Super Admins to enable and disable some EA features themselves. feature. To enable it, contact Okta Support.

Redirect end users to a specific app when the target app is unknown

You can specify the appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. to which end usersEnd users are people in your org without administrative control. They can authenticate into apps from the icons on their My Applications home page, but they are provisioned, deprovisioned, assigned, and managed by admins. are redirected when they visit your orgThe Okta container that represents a real-world organization. directly and Okta doesn't know which app they are trying to access. (AuthenticationAuthentication is distinct from authorization, which is the process of giving individuals access to system objects based on their identity. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual. Authentication methods and protocols include direct auth, delegated auth, SAML, SWA, WS-Fed, and OpenID Connect. flows initiated by applications are unaffected; authenticated users in that case are still redirected to the initiating app, not the custom redirect URL that you configure in this procedure.)

Additionally, you can use this setting to manage where to redirect users following password and MFA resets, user recovery, and other recovery flows. In this way, this feature lets you hide the Okta Dashboard from your end users by sending them instead to a different default application or domainA domain is an attribute of an Okta organization. Okta uses a fully-qualified domain name, meaning it always includes the top-level domain (.com, .eu, etc.), but does not include the protocol (https). that you specify.

Note: This feature also overrides any default redirect URL that may be configured in Enable self-service registration.

To configure this redirect:

  1. Go to Settings > Customization.
  2. Scroll to Default App for Sign-In Widget and click Edit.
  3. Select Send to Custom URL.
  4. Click Save.

To return to the Okta Dashboard, navigate to <your-okta-domain>/login/default.

Top