On This Page
You can deploy your Okta-protected app to many different hosting providers. You can also host it yourself.
If you're developing a Single-Page Application (SPA), you need to host it on a web server and configure all paths to redirect to
index.html. This is because your framework handles the routing. You also need to force HTTPS.
If you're developing a server-side application, for example in Java, .NET, or Node.js, you likely only need to do three things after deploying your app:
- Configure your app (or server settings) to force HTTPS.
- Configure your app to read your Okta settings (for example, issuer, client ID, and client secret) from environment variables or a secrets provider (like HashiCorp Vault).
- Modify your Okta app to have sign-in and sign-out redirect URIs that match your production app.
If you need help or have an issue, post a question on the Okta Developer Forum (opens new window).