Access a SAML application from an OpenID Application Portal

We have 2 applications in our Okta account: one is an OpenID Connect web application and another is a SAML application.
We are authenticating users in our OpenID web application portal using Okta API calls and this works as expected.
Now we need to include a link for the users to be able to open the SAML application from within the Web portal application. If we simply include the embed URL of the SAML application, it is not directly logging in the user; it still prompts for username and password. We don’t want the users being asked to enter their credentials a 2nd time for the SAML application, when they have already provided the same to access the Web portal application.
What do we need to pass in the embed URL to avoid bringing up the sign-in page for the SAML application? We tried passing the session id, but it didn’t make any difference.

Hi @RajaniRadhakrishnan

The best solution is to authenticate users client-side in the browser using either okta-auth-js library or the Okta sign-in widget.

Once the session has been created, users can be redirected to the embed URL of the SAML applications and they will successfully authenticate in the respective applications.

Depending on the session lifetime in Okta, you can use the API call available here (integrated also in the okta-auth-js) to refresh the session and keep it alive for as long as the user is active in your web portal.

We have used API calls in the OpenID application; we cannot change that to okta-auth-js or the Okta sign-in widget at this point.
What we are looking for is some API call or session id/token that can be used from the OpenID application to allow logging in directly to the SAML application using the embed URL, so that the user does not see the login page of the SAML application again.
Please suggest a way to do this.

Not sure how you implement the flow, but usually, as a result of a successful OIDC flow, the client’s agent obtains an Okta session cookie, which would help to sign in to your SAML application. It would be helpful to understand what your API calls are, to be able to offer something meaningful.
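
The following is an added example, not code from any poster in this thread. It shows one way the browser can obtain the Okta session cookie the replies describe before following the embed link, assuming the portal's API calls go to Okta's Authentication API (`/api/v1/authn`) and return a one-time `sessionToken`; the org host, embed link, token values and function names are constructed placeholders.

```javascript
// Constructed placeholders: replace with your own org and the SAML app's embed link.
const OKTA_ORG = "https://example.okta.com";
const SAML_EMBED_URL = "https://example.okta.com/home/exampleapp/0oaEXAMPLE/alnEXAMPLE";

// Build the browser redirect that trades a one-time sessionToken for an Okta
// session cookie (set on the Okta domain) and then lands on the embed link.
function buildSessionCookieRedirect(orgUrl, sessionToken, embedUrl) {
  const org = new URL(orgUrl);
  const target = new URL(embedUrl);
  if (org.protocol !== "https:" || target.protocol !== "https:") {
    throw new Error("org and embed URL must use https");
  }
  // Embed links live on the Okta org host; refusing any other host keeps this
  // helper from turning into an open redirect.
  if (target.host !== org.host) {
    throw new Error("embed URL is not on the Okta org host");
  }
  if (typeof sessionToken !== "string" || sessionToken.length === 0) {
    throw new Error("missing sessionToken");
  }
  const redirect = new URL("/login/sessionCookieRedirect", org);
  redirect.searchParams.set("token", sessionToken);
  redirect.searchParams.set("redirectUrl", target.toString());
  return redirect.toString();
}

// Only a SUCCESS response carries a sessionToken; other states (for example
// MFA_REQUIRED) must be completed first, so no redirect is produced for them.
function ssoRedirectFor(authnResponse, orgUrl, embedUrl) {
  if (!authnResponse || authnResponse.status !== "SUCCESS") {
    return null;
  }
  return buildSessionCookieRedirect(orgUrl, authnResponse.sessionToken, embedUrl);
}

// Constructed sample Authentication API responses.
const sampleSuccess = { status: "SUCCESS", sessionToken: "EXAMPLE-ONE-TIME-TOKEN" };
const sampleMfa = { status: "MFA_REQUIRED", stateToken: "EXAMPLE-STATE-TOKEN" };

console.log(ssoRedirectFor(sampleSuccess, OKTA_ORG, SAML_EMBED_URL));
console.log(ssoRedirectFor(sampleMfa, OKTA_ORG, SAML_EMBED_URL));
```

The `sessionToken` is single-use and short-lived, so hand it to the browser once over TLS and keep it out of logs and analytics.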
