I have 2 SPs configured with Okta. The user is logged into one of the SPs. Can I consume the REST endpoint on the other SP using a JWT token as per that SP’s specification? I have access to embed custom JavaScript in the authenticated SP, from where I have a requirement to get some data from the other SP.
It depends… If they use the same authorization server, then I’d say yes, if the subject is assigned to the remote application as well.
I do not have admin access to verify the authorization server; however, in my Okta home page, I can see both the apps (SP1 & SP2). Also, in my browser, when I am logged into the first SP, I am not asked to log in again for SP2. So I guess that both are using the same authorization server.
The subject is also available in both the applications.
Can you suggest how I can generate a custom JWT from a frontend JavaScript snippet within an application to invoke a REST endpoint of the other application? The user is already logged into the frontend application and the same subject is available in the REST endpoint application.
There is also a section within the custom JWT to sign the payload with a private key. Would that be possible in JavaScript, and is it secure? I’m assuming this would need to be done on the server side, and if that’s the case, how can I achieve that using Okta?