Authent with phone number and password

Hello, I’m discovering the Okta Oauth service and I have few questions regarding my workflow.

I have two components: my Spring back end which contains my app users and my Android App.

My Android users should use their mobile phone and password for authentication.

  • Is this supported by Okta ?
  • In the documentation, all clients used Okta login. Can I implement my won Login UI ?

I understand that users are created in Okta database, I need my users in my Spring boot back end database, how could I do to not store users in Okta database or created them inside both databases ?

Thanks in advance.

please have a look at that sdk https://github.com/okta/okta-oidc-android that will help you to build your app to authenticate against Okta

you can sync users from your backend into Okta by developing some customizations to your backend, but you need to think of user registration/self-service/password recovery/mfa… what’s you long term plan? which component of your architecture will be handling that? okta has it ootb, but then users will be created in Okta and then you need to import them. Okta has API for user management and syslog operations, so you can handle of all of that too. It even has provisioning capabilities to inform your application about users created/assigned to your application in okta, or event hooks… Very broad discussion, in other words. You need to choose the route which fits you better

Hi @phi1ipp. Thanks for your answer. Our long term plan is to manage registration/password recovery. I don’t know what is self service and mfa.

In our architecture our micro service mAppUser, the component used to store users will be in charge of exposing registration API.

Well that all sounds to me like a lot of pain trying to build relationship with Okta. Okta was designed to handle your user base and all workflows around that: registration, authentication, authorization, password reset, multi-factor…

Seems, you need to answer to yourself the following question: what do you want from Okta in your target architecture, where everything is done by your backend. Only authentication? When just synchronize your users from your backend into Okta and link your mobile app to Okta for authentication purposes and obtaining an access token.

Just my thoughts

Your solution is good. I think we will do this. Let okta do all the job of registration, authentication, authorization, etc…and sync he okta database with our database. Thanks a lot for this suggestion.