Docs◥◤
Use Cases◥◤
- Embed auth into your app
- Overview
- Authentication
- Authorization
- User Management
- Publish an integration
- Overview
Pricing
Blog
Support◥◤
- Okta Developer Forums
- developers@okta.com

Search

Docs
Guides
Show Contents

Guides
Basics
- Quickstart: Signing in your first user
- Create an API token
- Enable CORS
- Find your Okta domain
  - Overview
  - Find your Okta domain
- Find your application credentials
  - Overview
  - Find your Application's credentials
- Share Application Key Credentials for IdPs across Apps
- Set up SAML Tracer
  - Overview
- Upgrade SAML Apps to SHA256
- Sign the Okta certificate with your own CA
- Set up self-service registration
Sign Users In
- Add an external Identity Provider
- Add multifactor authentication
- Mobile App
  - Unlock a mobile app with biometrics
  - Build a custom sign-in UI in your mobile app
  - Sign users in to your mobile app
  - Share a sign-in session with native mobile apps
- Sign users in to your single-page application
- Sign users in to your web application
- Sign users out
- Configure Okta sign-on and App sign-on policies
Authorization
- Implement the Authorization Code Flow
- Implement the Authorization Code Flow with PKCE
- Create an Authorization Server
- Implement the Client Credentials Flow
- Implement the Implicit Flow
- Request user consent
- Implement the Resource Owner Password Flow
- Tokens
  - Build a JWT for Client Authentication
  - Customize tokens returned from Okta with custom claims
  - Customize tokens returned from Okta with a Groups claim
  - Customize tokens returned from Okta with a dynamic whitelist
  - Customize tokens returned from Okta with a static whitelist
  - Refresh access tokens
  - Revoke Tokens
  - Work with Okta session cookies
    - Overview
  - Validate Access Tokens
    - Overview
  - Validate ID Tokens
    - Overview
Brand and Customize
- Customize the Okta-hosted error pages
- Customize the Okta URL domain
- Style the Widget
- Customize SMS messages
- Customize email notifications and email domains
OIN Partner Integrations
- Build a SCIM provisioning integration
- OIDC and the OIN: A Developer Primer
- Build a Single Sign-On (SSO) integration
- Submit an app integration
API Security
- Implement OAuth for Okta
- Implement OAuth for Okta with a Service App
- Protect your API endpoints
- Configure an access policy
Deploy to Production
- Deployment checklist
  - Pre-launch checklist
- Deploy your app
  - Overview
  - Java
  - JavaScript
  - Mobile
- Migrate to Okta
Hooks
- Set Up Event Hooks
- Implement a Password Import Inline Hook

Configure Okta Sign-On and App Sign-On Policies

Configure Okta Sign-On and App Sign-On Policies

On This Page