You can customize your Okta organization by replacing the Okta domain name with your own domain name. This allows you to create a seamless and white-labeled experience for your users so that all URLs look like your application.
Okta organizations host pages on subdomains such as
example.okta.com. Using this feature aliases your Okta organization's domain name to another subdomain that you own, like
For example, you use Okta as a user store for your apps, but you don't want your users to know that the app uses Okta behind the scenes. You can create a CNAME record for the Okta domain, allowing you to alias
Okta serves pages on your custom domain over HTTPS. To set up this feature, you need to provide a TLS certificate that is valid for your domain.
Your custom domain must be a subdomain.
Okta currently only supports 2048-bit keys for the private key that you upload. However, your certificate chain can use keys of any size.
If your organization has configured any SAML or WS-Fed integrated applications, review the SAML or WS-Fed SSO setup instructions. If you want your customers to see the new custom domain rather than the Okta org domain, update those SAML or WS-Fed Service Provider integrations to use the new custom URL in the metadata.
When you implement a custom URL domain, users aren't automatically rerouted from the original URL to the new custom URL. You must communicate the new custom URL domain to your users. One way to communicate the change, for example, is to create a custom notification that appears on each user's dashboard.
Can I add more than one domain? No. You can only have one custom domain set up per Okta organization.
Will the existing Okta domain work?
Yes. When you turn the custom domain on, the Okta domain (for example,
example.okta.com) still works.