We are wondering If we can leverage the authentication just using a custom attribute via API.
- User inputs customer number + date of birth (for example)
- User is redirected to our custom “authentication” API and uses the find user by custom field to find the combination
- If user found and valid, we create an authn session on their behalf via the custom api (we won’t know their password)
- We generate the OIDC tokens and return it to the initial screen.
I’m specially curious about the 3rd step If that can be accomplished through Okta’s API’s.
Maybe primary authentication with trusted app?
Just to mention we will have control over the initial screen, all under same IP range, etc. And we are trying to achieve a faster login experience in a Point of Sale involving a few thousand workers login in and out…
Any suggestions welcome.
Thanks in advance!