Add an (Undefined variable: okta-feature-names.Access Gateway UI) application

The purpose of this task is to step through the process of adding a second administrator app, assignable and accessible from your Okta org dashboard.
Using the administrator application Okta org administrators can assign the app to any user, allowing those users to access the (Undefined variable: okta-feature-names.Access Gateway UI) and administer Access Gateway.

Create group and assign users

You must either assign users or define groups representing the users who can access the (Undefined variable: okta-feature-names.Access Gateway UI).

To define an Access Gatewaygroup within your Okta tenant:

  1. Sign in to your Okta tenant as an administrator.
  2. In the Admin Console, navigate to DirectoryGroups.
  3. Click Add Group.
  4. Enter a name for the group such as Access Gateway Admins.
  5. Add an option description, such as Members of this group can administer Access Gateway.
  6. Click Add Group.

To add users to the newly added groups:

  1. Click the name of the newly added group.
  2. Click Manage People.
  3. Using the Search by people field, find those users who should be able to administer Access Gateway.
  4. From the Not Members list click Add All.
  5. Click Save when complete.

Create the application in Access Gateway

  1. Sign in to the Access Gateway Admin UI console.
  2. Click the Applications tab.

  3. Click +Add.

  4. Select the Access Gateway AdminUI option from the left column menu, and click Create.

    Select Access Gateway Admin UI and click Create.

    The New Protected Application wizard starts and displays the Setting tab.

  5. In the Essentials pane enter:
    LabelThe name of the application,
    For example: Access Gateway Admin UI
    Public DomainThe external facing URL of the gateway. Typically similar to gw-admin.[domain.tld].
    For example:
    Post Login URL

    Leave unchanged.

    GroupEnter the name of group created in the prior step.
  6. While optional, Okta recommends that all applications include certificates.

    See Certificate use for general information about certificate, or Certificate management for a general task flow for obtaining and assigning certificates.

  7. Expand the Certificates tab.

    By default, when you create the application the system generates a self-signed wildcard certificate and assigns it to the app.

  8. Optional. Click Generate self-signed certificate. A self-signed certificate is created and automatically assigned to the application.

  9. Optional. Select an existing certificate from the list of provided certificates.

    Use the Search field to narrow the set of certificates by common name. Use the page forward (>) and backward (<) arrows to navigate through the list of available certificates.

  10. Click Next. The Attributes page appears.

    The attribute set specified by the add application wizard is required by Access Gateway. Do not modify this list.

  11. Click Next. The Policy page will appears.
  12. Click Done.


  1. Sign in to your Okta tenant as a user in the Administer Access Gateway group.
  2. From the applications dashboard, find the (Undefined variable: okta-feature-names.Access Gateway UI) app that you added and select it. The (Undefined variable: okta-feature-names.Access Gateway UI) opens as the same user.

    In the applications list, click the name of the newly added Access Gateway admin app.