Authorization to APIs from custom homepage once signed in


#1

Hi,

I’ve created a small .NET MVC client application which provides a user with the ability to sign in (via calling relevant Okta endpoints) and be redirected to a custom home page, which works fine, and I get a session cookie returned to the browser. I’m calling the authentication API to get a session token, then calling the sessions API to obtain a session cookie.

Once redirected, I’m calling the app links endpoint using the user ID that I get back from Okta to retrieve a list of applications that this user has access to, which also works fine.

One of my Okta applications has its own AngularJS SPA acting as the client application. It also has its own Gateway API that essentially provides access to various other resource APIs in the form of an access token as a bearer token in the auth header once the user has been authenticated.

When I click on the app link for the Okta application on my custom homepage, it redirects the user to a certain URL that I’ve provided, but I’m a little bit stuck on what the best approach is then in regards to automatically signing them in. I appreciate I’ve got to make some back-end code changes to my application to validate that the user is authorized, but what should be used? Should my Okta application be making another call with a client ID and client secret to obtain an access token?

Hope this makes sense (probably not).


#2

Hi @thomasp, I’m interested in understanding more about your use case. It sounds like you are building a custom user dashboard that lets the user log into applications, much like the Okta (“chiclet”) dashboard. Am I understanding that correctly?

> When I click on the app link for the Okta application on my custom homepage, it redirects the user to a certain URL that I’ve provided but I’m a little bit stuck on what the best approach is then in regards to automatically signing them in.

Does that application (the SPA) already use OpenID Connect to get tokens from Okta? Or some other authentication method? In general, if you have established an Okta session in the browser, you can sign the user into an application silently/automatically.

I can provide further guidance if you are able to share a little more detail on what you are building.
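
As an added illustration (not part of the thread or of either poster's code), the silent sign-in mentioned in #2 can be done with an OpenID Connect authorization request carrying `prompt=none`, assuming the SPA is registered as an OIDC app. The issuer URL, client ID, redirect URI and both function names are assumptions made for this example.

```javascript
// Added example: silent sign-in against an existing Okta browser session.
// All concrete values passed in by callers are constructed placeholders.

// Build the authorization request. prompt=none tells the authorization server
// never to show a login page: it redirects back either with a code (a session
// exists) or with error=login_required (no session).
function buildSilentAuthUrl({ issuer, clientId, redirectUri, state, nonce, codeChallenge }) {
  const url = new URL(issuer.replace(/\/$/, '') + '/v1/authorize');
  url.search = new URLSearchParams({
    client_id: clientId,
    response_type: 'code',
    scope: 'openid profile',
    redirect_uri: redirectUri,
    prompt: 'none',
    state,                          // random per request, kept by the SPA
    nonce,                          // later compared with the ID token's nonce claim
    code_challenge: codeChallenge,  // PKCE challenge derived by the caller
    code_challenge_method: 'S256',
  }).toString();
  return url.toString();
}

// Interpret the redirect back to the app. The state check binds the response
// to the request this browser started and runs before anything else is read.
function handleSilentAuthCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  if (!expectedState || params.get('state') !== expectedState) {
    return { ok: false, reason: 'state_mismatch' };
  }
  const error = params.get('error');
  if (error) {
    // These standard OIDC errors mean "no usable session": fall back to an
    // interactive sign-in instead of treating the user as authenticated.
    const needsInteractiveLogin =
      ['login_required', 'interaction_required', 'consent_required'].includes(error);
    return { ok: false, reason: error, needsInteractiveLogin };
  }
  const code = params.get('code');
  if (!code) return { ok: false, reason: 'missing_code' };
  // Next step: exchange the code at the token endpoint with the PKCE verifier.
  return { ok: true, code };
}
```

The access token obtained from that exchange is what the SPA would send to the Gateway API as the bearer token, and the API validates its signature, issuer, audience and expiry on every request.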


#3

Hi @nate.barbettini, thanks for getting back to me so quickly.

I’ve actually resolved this issue now. Thanks.