Confused about authentication approach

rocky.assad · May 2, 2019, 3:39pm

I have the task of integrating OKTA into our angular 7/node api web app for authentication.

I simply need to authenticate our uses. This is a simple task when I follow the process of creating an application in for a SPA in the Developer Console but this is where the confusion comes in for me.

After creating a dev account and integrating the into Angular, our OKTA admins told me that they do not have the ability to create the Authorization server that is created by default in the Developer Console SPA setup. They were not sure if this is a paid feature that needs to be enabled or not. This made me think that I could simply do without the Authorization server since I’m already handling handling the authorization side of things in our currently application.

They said that all of our current integrations use SAML 2.0. So I looked into that, but I haven’t found documentation that helps me understand how to integrate that for authentication in our Angular app.

Questions:

Do I have to have an Authorization server in order to use the Developer Consoles ‘new application’ process for SPA apps?
Are Authorization servers an added feature to existing OKTA accounts? We are a large corporation that has been using OKTA for some time now.
Can I use any of the Angular packages that you offer on Github along with SAML if I have to use the SAML approach?

Thanks

dragos · May 7, 2019, 11:05am

Hi @rocky.assad

Are Authorization servers an added feature to existing OKTA accounts? We are a large corporation that has been using OKTA for some time now.
There are two types of authorization servers that Okta currently supports: Okta authorization server and custom authorization server.

Okta authorization server is available for free on all Okta tenants and can be accessed through a path like /oauth2/v1/{endpoint} where {endpoint} is the specific endpoint for the authorization server (eg. authorize, token, introspect, etc.)

Custom authorization servers are created through API Access Management feature. This is available for free on developer and preview tenants, but paid on production ones. You can find out more details about the pricing from your Okta representative.

Do I have to have an Authorization server in order to use the Developer Consoles ‘new application’ process for SPA apps?

For Single Page Apps, you can use the Okta authorization server instead of a custom authorization server. You can find all the endpoints available by accessing the openid-configuration file through a URL such as your-okta-tenant.okta.com/.well-known/openid-configuration

Can I use any of the Angular packages that you offer on Github along with SAML if I have to use the SAML approach?

This depends on the current use-case that you have.

Post		Replies	Views
Help me to Custom Design Okta SAML angular application SAML angular	2	763	June 23, 2024
Angular with SAML SAML angularjs , saml	6	24547	February 12, 2024
SPA or web application? SAML	14	11100	February 12, 2024
Developer preview , has SAML support discontinued SAML spring , java , saml	4	5484	January 5, 2018
Why SAML is not preferred way for SPA (Angular + WebAPi2.0) application in Okta SAML	2	6432	January 23, 2024

Confused about authentication approach

Related topics