Can I use my applications login page to enter user credentials instead of custom login page provided by okta


#1

Hi,

My requirement is, when I will make Okta as Identity provider for my application. I don’t want my application users will get redirected to okta custom login page to enter credentials for authentication in case of SP initiated flow.
Instead , I want to show them the same login page of my application, which they use for login usually.
Is there any API which Okta provides, So that I can send credentials entered by user in my applications login page, to Okta for authentication along with SAML request.

The purpose is , I don’t wan’t user to confuse by showing them login page by okta. User experience should be similar as of previous.

Regards,
Santosh


#2

Yes, it is possible to use Okta to handle authentication for your application, but keep your own custom login look and feel.

If you already have a login system that you will be modifying to use Okta, you could use the Authentication API to verify a username and password.


#3

As Nate mentioned, you can certainly do this. One easy way of doing this is to use the Okta Auth SDK. I wrote a blog post that shows you how you can use it in an Angular app.


#4

Thanks @nate.barbettini and @mraible for your inputs.
I tried with link https://developer.okta.com/code/javascript/okta_sign-in_widget
Using Okta Sign-In Widget, I did customization in my own login page, it is working now.
But the problem is , I first need to login to my okta developer account first.
It means on the first login to okta account, it is somewhere creating a cookie , so that even if I do not login to okta developer account in next attempts , it is working fine.

Then I tried with clearing browser cookies and all temp data, but don’t know how still it is working for me.

Could you please let me know, if you know more about this.
I don’t want user to redirect to okta site for entering credentials, instead user should be able to enter credentials in my applications own login page, and internally it should go to okta for authenticate user, but user should not view the internal process, he should feel like he has entered credentials to the applications
original login page, I don’t even want to show him okta custom login page for first time as well.

Regards,
Santosh


#5

@nate.barbettini , My application is in MVC 4 , and the Authentication API link you suggested seems like a dependency on python?
am I correct. Because the examples provided here does not seems like , I can easily migrate into html and javascript code or Razor/C# code.


#6

If your application has a backend component in C#, then I think the Authentication API is the correct way to go (rather than the Sign-in Widget or AuthJS).

I’m assuming your backend application code needs to make an API call to Okta to verify a username/password and then create a ClaimsPrincipal from the user details. The Authentication API doesn’t require Python, it’s just a REST API that can be called from any language. You could use HttpClient, or the Okta SDK 0.3 to make these calls.

Without more specific details of your application, I can’t give any more detailed recommendations.