My organization using Okta for SSO authentication. We have to authenticate with Okta when we initially sign into the application. Why is it that any tabs that are added have to be re-authenticated?
There are also cases where some of our web applications (added in as a tab) need to be authenticated if they are not publicly shared. In the picture example, clicking on the tab to open the web application, requires us to authenticate with Okta. Clicking on the button opens a new browser window to authenticate but ends up failing throws out an error.
Does the auth request happen in every single tab you create? What I mean here is does it happen with Stream, Forms, SharePoint - the default 365 apps? Some third party apps like Invision need credentials which aren’t the same as 365 and may explain why it’s prompting in cerain cases.
In terms of your web apps I can find another example of this
I don’t think it’s the exact same issue but it points to issues between ESRI and Okta which may point in the right direction. Personally I would raise this with Okta as they may have come across the scenario previously.
Hope this helps to answer your question. I will be very interested to hear the outcome.
Very interesting scenario...I simply think is not ready to handle it, but I would love to know the "official word" here...one solution could be to build a custom tab for any web application where authentication happens in a third party SSO...but I would like to know if there are any other options here