Hello, I’m discovering the Okta Oauth service and I have few questions regarding my workflow.
I have two components: my Spring back end which contains my app users and my Android App.
My Android users should use their mobile phone and password for authentication.
Is this supported by Okta ?
In the documentation, all clients used Okta login. Can I implement my won Login UI ?
I understand that users are created in Okta database, I need my users in my Spring boot back end database, how could I do to not store users in Okta database or created them inside both databases ?
you can sync users from your backend into Okta by developing some customizations to your backend, but you need to think of user registration/self-service/password recovery/mfa… what’s you long term plan? which component of your architecture will be handling that? okta has it ootb, but then users will be created in Okta and then you need to import them. Okta has API for user management and syslog operations, so you can handle of all of that too. It even has provisioning capabilities to inform your application about users created/assigned to your application in okta, or event hooks… Very broad discussion, in other words. You need to choose the route which fits you better
Well that all sounds to me like a lot of pain trying to build relationship with Okta. Okta was designed to handle your user base and all workflows around that: registration, authentication, authorization, password reset, multi-factor…
Seems, you need to answer to yourself the following question: what do you want from Okta in your target architecture, where everything is done by your backend. Only authentication? When just synchronize your users from your backend into Okta and link your mobile app to Okta for authentication purposes and obtaining an access token.
Your solution is good. I think we will do this. Let okta do all the job of registration, authentication, authorization, etc…and sync he okta database with our database. Thanks a lot for this suggestion.