Custom app login
In Classic Engine, you can use the Application Login feature to redirect unauthenticated users to a custom login page when they try to access an app.
This feature doesn't work in Identity Engine. However, you can create a similar experience for users by customizing the sign-in page or setting an IdP routing rule for the app. See Identity Provider routing rules and Configure a custom Okta-hosted sign-in page.
You can upgrade without configuring one of these options. If you take no action, let your users know they authenticate entirely through the Okta sign-in page, rather than the custom URL.
- Unauthenticated users aren't redirected to the customAppLogin URL. Instead, they're evaluated by the global session policy and authentication policy.
- Users who click an app embed link are evaluated by their org’s global session policy. If they haven’t authenticated yet, they're redirected to the Okta-hosted sign-in page to do so.