Federated Single Sign-On with SAML 2.0 and OpenID Connect
Integrate enterprise applications using industry-standard federation protocols, demonstrating both pre-built OIN catalog integrations and custom OIDC application configurations.
Configure federated single sign-on for enterprise applications using both SAML 2.0 (for SaaS applications like Salesforce) and OpenID Connect (for custom web applications), establishing centralized authentication through Okta as the Identity Provider.
| Component | Purpose |
|---|---|
| SAML 2.0 | XML-based federation protocol for enterprise SSO |
| OpenID Connect (OIDC) | OAuth 2.0-based authentication for modern applications |
| Okta Integration Network (OIN) | Pre-built application catalog with 7,000+ integrations |
| OAuth 2.0 | Authorization framework for API access |
Before integrating applications, understand the available authentication protocols in Okta.
Navigate to Applications → Applications and click Create App Integration to view the available sign-in methods.
Available Sign-In Methods:
| Protocol | Use Case |
|---|---|
| OIDC - OpenID Connect | Token-based OAuth 2.0 authentication for custom apps and APIs |
| SAML 2.0 | XML-based standard for enterprise SaaS applications |
| SWA | Okta-specific method for apps without SAML/OIDC support |
| API Services | Machine-to-machine authentication with scoped tokens |
Selection: SAML 2.0 — Selected for Salesforce integration (enterprise SaaS standard)
Leverage the Okta Integration Network to add pre-configured Salesforce integration with SAML support.