On this page
Publish an OIN integration
The Okta Integration Network (OIN) is the identity industry’s broadest and deepest set of pre-built cloud integrations to manage access management, authentication, and provisioning. Gain exposure to thousands of Okta customers who can discover your integration by adding it to the OIN. OIN integrations speed adoption by simplifying admin configuration steps and reducing friction for your customers. They can integrate your application to Okta with minimal effort.
If you're an integrator, from an independent software vendor (ISV) or an existing Okta customer, who wants to add your integration to the OIN, use this guide to learn about the submission process. It's free to add your integration to the OIN and list it publicly in the OIN catalog (opens new window).
This guide assumes that you've created an app integration and want to make it public in the OIN catalog.
Submission process
The following flowchart outlines the OIN submission and review process after you decide to make your integration public:
Before you submit your integration, review the OIN submission requirements and prepare the artifacts required (such as the app logo, description, support contact, and configuration document).
Submit your integration to Okta and work with the Okta OIN team as they test and review your submission. If the Okta OIN team identifies any issues in the review and QA testing phases, you’re sent an email with the specific details. At any point in the process, you can check the status of your submission in the OIN Manager.
The Okta OIN team reviews and prioritizes all submissions.
Understand the submission review process
The submission review process begins when you click Submit for Review in the OIN Manager (opens new window). Okta sends you an email notification that your integration is now queued for review and also includes the date when the initial review is expected to finish.
The OIN Manager shows the status of your integration.
Step 1: Initial review
- Pending review by Okta: The Okta OIN team is notified of your submission. Okta reviews the submission and notifies you by email when the submission review is complete.
- Action required: Okta has reviewed your submission and found issues that require your attention. Check your email for results from the Okta initial review. Sign in to OIN Manager, update the requested details, and click Submit for Review. After the OIN team reviews your updated submission and verifies that the issues are resolved, your submission moves to step two for QA testing.
Step 2: Code review
- Pending review by Okta: The Okta OIN team conducts internal QA tests and notifies you by email when the QA review is complete. If the QA test is successful, your submission is automatically published in the OIN.
- Action required: Okta has found QA issues that require your correction. Check your email for results from the Okta QA review. Make the requested changes as an update to your existing submission.
- Final review by Okta: The Okta OIN team conducts a final internal QA test based on previously requested changes. The OIN team emails you when the final QA review is complete. If the review is successful, your submission is automatically published in the OIN.
Step 3: Published
Congratulations, your integration is published in the OIN!
Protocols supported
Okta accepts integrations that use the following protocols or tools into the OIN:
OpenID Connect (OIDC) (opens new window)
Notes:
- To support the potentially large number of Okta orgs that access an authorization server through the OIN, an OIDC integration can't use a custom authorization server, including the
default
server. - ISVs shouldn't rely on the
email_verified
scope-dependent claim returned by an OIDC integration to evaluate whether a user has verified ownership of the email address associated with their profile.
- To support the potentially large number of Okta orgs that access an authorization server through the OIN, an OIDC integration can't use a custom authorization server, including the
Security Assertion Markup Language (SAML) (opens new window)
Note: SAML integrations must use SHA256 encryption for security. If you're using SHA-1 for encryption, see our guide on how to Upgrade SAML Apps to SHA256.
System for Cross-domain Identity Management (SCIM) (opens new window)
OAuth 2.0 (for Okta management service apps, see Build an API service integration)
Note: SWA app integrations are no longer accepted for publication in the OIN catalog. However, the OIN team still maintains existing SWA apps.
Submission support
Getting your app integration in the OIN catalog involves two phases: creating a functional integration and submitting it through the OIN publication process. For each phase in the process, Okta has an associated support stream to assist you.
Create an integration phase
- When you're constructing your Okta integration, you can post a question on the Okta Developer Forum (opens new window) or submit your question to developers@okta.com.
Submit an integration phase
If you need help during the submission process, use the Get Support section on the My App Integrations page after you sign in to the OIN Manager (opens new window). This section provides the following resources from the Okta developer portal:
- OIN integration guides
- Okta, OIDC, SAML, and SCIM concepts
- A search tool to find articles in the Okta developer portal
If you have questions or need additional support to publish your app integration, you can reach out to the Okta OIN team directly at oin@okta.com.
Note: All integrations in the OIN catalog are public. If you want to create a private integration for an app that uses SCIM, then use the SCIM App Integration Wizard (opens new window).
You can also use the following template integrations from the OIN if they meet your app SCIM capabilities:
- SCIM 1.1 test apps (opens new window) for SCIM 1.1
- SCIM 2.0 test apps (opens new window) for SCIM 2.0
- SCIM 1.1 Test App(Header Auth) (opens new window) for SCIM 1.1 apps that use custom header expression for Header Auth
- SCIM 2.0 Test App(Header Auth) (opens new window) for SCIM 2.0 apps that use custom header expression for Header Auth
Next steps
Ready to make your integration public? Submit an integration with the following guides: