I’m seeking a way to transfer information, specifically a generated GUID, from the client’s browser to the Inline token hook. From my observations, it seems this might not be achievable. ChatGPT suggested adding it to the header, but unfortunately, that doesn’t seem to be effective. Before abandoning this straightforward approach, I wanted to reach out to the experts for any insights.
This might not be an issue related to Okta inline hooks. It could be dependent on your application’s architecture. Handling this may involve your application code feeding this info from your backed to your token.
can you provide more details about what you’re attempting to achieve?
I don’t think it’s a problem with the inline token, per say. I’m need to leverage context/user information that the browser has in the inline token hook. I can put that information in some sort of backend or database, but I’d still need a way to reference it in the token…that’s my rub.
Based on the information you need from the user, it may or may not be entirely possible to use tokens. For example, some GDPR rules avoid sending any information the user has about the browser without proper consent.
If this information is an input that the application needs, e.g., if it is functional, then you cannot send it via token as you may have it already in your architecture, database, or somewhere. Ideally, you would need to make sense of what kind of information this is that relates to the token.
Tokens are primary for authentication and validation from the server side, not really about the client side, and not for sending information from the browser, if that makes sense. It’s an easier process to let your backend handle any information that needs to be gathered and tied together and not use authentication information to tie that data together, unless it’s necessary for authentication.
You can use custom claims and then make an endpoint call based on the custom claims to your backend to tie this up. I’m not sure if that can work, but it can be a step forward.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.