We are about to roll out OKTA integration in Self Service for all our users. In my testing phase, I am finding each time Self Service is closed, we have to re-login to OKTA. I think this can have an impact how end users leverage Self Service and would like to keep them signed in.
JAMF support says it's an OKTA setting.
Our OKTA admin gave me a very vague answer and doesn't think it's possible. I am skeptical.
Does anyone else have OKTA integration into Self Service where it keeps your users signed in after closing the window? Where is this setting located in OKTA?
Honestly it does sound like an Okta side thing. When you close SelfService.app (or the website and close the browser), the tickets for that session are destroyed. When you open SelfService.app (or the browser for web based instances) a new tickets needs to be created.
If you are wanting tickets to be automatically generated for Apps that would be something Okta would need to provide details on how to do with macOS. JAMF just pushes out whatever configuration you tell it to, Okta needs to figure out the configuration. JAMF cannot say what Okta can or cannot do. If the Okta admin said it was not possible, its probably not possible. You may want to look in to Apples Platform SSO, it wont be ready until next year some time but it can pass authentication to applications from the login window.
Thanks for the reply. The issue is my OKTA admin didn't bother to look into it. I do not know enough about OKTA back end to challenge him, but if others have made it happen in their environment then I can go back and leverage that.