Authenticating users without a password via a backend call

Is there a way to authenticate a user and create a session without a pass via a backend call to Okta?
The only auth flow I found that doesn’t require a password is primary auth with activation tokens, which is irrelevant as I’m talking about a standard login, not a user activation journey.
I know that in a lot of other CIAM systems it is possible to generate a session via a backend call using privileged credentials such as an admin token for instance.

The full journey should look like this:

  • User goes into my website, enters his username / email and clicks a button
  • This button calls my own custom backend to log the user in
  • My backend calls Okta API to generate a session token / cookie and returns it
  • My frontend uses the returned token / cookie to set the session on the frontend and log the user in

This is not possible in Okta. Okta sessions are managed via session cookies set on the Okta domain.

If you are trying to manage your own application session, then this should be distinct from the Okta session and, if you are making authentication calls from a backend, you should not expect that users will be able to SSO into other applications in the same Okta org without needing to reauthenticate.
