I’m receiving the response: “errorSummary”: “Not found: Resource not found: me (Session)”, “errorCode”: “E0000007”, when querying the /api/v1/sessions/me endpoint.
Can you do a quick check to confirm that your Okta session cookie is being generated?
Login with your Okta url
Open a new tab (in the same browser window) and paste the url https://{yourOrgUrl}/api/v1/sessions/me (with your org info) in the address bar
If you see a user response then it’s working. If you see a Resource not found error then check if third-party cookies are being blocked in your browser.
For your widget code, are you using an OIDC flow? If not, then you need to use res.session.setCookieAndRedirect(url) to generate a session cookie first (which will perform a redirect). You’ll want to move the session.get() code outside of the if statement.
I see, so the sign in from the widget is just an auth, it doesn’t set the session cookie. Maybe someone can help me think through this concept then:
I am trying to log in users programatically into Okta in my Next.JS app that contains pages with iframe embeds from an SSO SAML app integrated to Okta.
In my application, I built a login form and submit the login credentials to my own API which submits the credentials to the api/v1/authn endpoint.
I return the sessionToken to the application and set the location.href in the browser to {{org URL}}/login/setCookieRedirect with the sessionToken and redirect URL (welcome page) as query params.
This all works great, and signs the user into Okta and my SAML app, but I can’t get the active sessionId to hit any of the Session API endpoints. I want to refresh sessions as users continue to interact with the application so they don’t hit a wall when the session expires, but I can’t do that without the session ID.
Hitting the sessions/me endpoint from my app does not return the user’s session.
How can I refresh the user’s Okta dashboard session without having the session ID?