Administer local Identity Providers


Identity Providers provide:

  • Identity federation between Access Gateway and Okta tenants/local identity providers.
  • Services such as:
    • Authorization and authentication support.
    • Application data for identification and policy decisions.

Local Identity Providers can be used in the absence of an Okta org IDP, for example, as a result of a network outage.

Add a Local IDP

To add a local IDP:

  1. In your browser, navigate to the Access Gateway Admin UI and sign in.
  2. Select the Settings tab.
  3. Select Identity Providers.
  4. Click + and select Local SAML IDP.
  5. Enter the following fields:

    Required. Unique name that identifies the IDP. Displayed in the list of IDPs.

    My Local IDP


    Required. A unique Access Gateway hosted domain. Must not match any others.


    Cookie Domain

    Required. A unique Access Gateway hosted domain name. This must not match existing Access Gateway domain names.


    Default Auth Module

    Required. A previously created auth module.


    Name Attribute

    Required. Attribute to be obtained from the remote Active Directory.


    Name Attribute Format

    Required. Defines the name format used in the SAML assertion. Select one of the values from the list.

    Email address

  6. Click Okay.
  7. After any creation or update, all Identity Providers are validated. A valid identity provider displays the status Valid.