I am using Okta as an external IDP through Identity Server. I have a use case that crosses the browser boundary. CEF -> Chrome for example.
App1 uses CEF
App2 uses Chrome
(CEF and Chrome do not share a cookie store)
From App1 I want to launch App2 and not encounter a challenge when I call the authorize endpoint.
I am thinking about adding a couple of controllers to Identity Server that I can redirect to.
One controller would read the current auth cookie and copy the identity to central storage, returning a key.
The second controller would accept the key and create a new auth cookie if one is not present.
I see that Okta has a fairly similar method of achieving the same goal if it is used as an OIDC provider directly (not an option).
I was just wondering if any others have had this use case and what they did to solve it. I realize that this method will introduce issues with logout, but the logout cases aren’t really important to us at this point.
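
The key handoff proposed in the post above, sketched as an added example that is not part of the original post and is not Identity Server or Okta code. The key is treated as a bearer credential, so it is random, short-lived and single-use. `HandoffStore`, `HandoffEntry` and the in-memory dictionary standing in for the central storage are hypothetical names, and .NET 6 or later is assumed.

```csharp
using System;
using System.Collections.Concurrent;
using System.Security.Cryptography;
using System.Text;

// Hypothetical types for illustration; not part of any Identity Server API.
public sealed record HandoffEntry(string SubjectId, DateTimeOffset ExpiresAt);

public sealed class HandoffStore
{
    // In-memory stand-in for the "central storage". Entries are indexed by the
    // SHA-256 of the key, so reading the store does not yield redeemable keys.
    // A real store should also expire unredeemed entries (TTL).
    private readonly ConcurrentDictionary<string, HandoffEntry> _entries = new();
    private readonly TimeSpan _lifetime;

    public HandoffStore(TimeSpan lifetime) => _lifetime = lifetime;

    // First controller: call after reading the current auth cookie.
    // Returns a 256-bit random key to pass to the second browser.
    public string Issue(string subjectId)
    {
        string key = Convert.ToHexString(RandomNumberGenerator.GetBytes(32));
        var entry = new HandoffEntry(subjectId, DateTimeOffset.UtcNow + _lifetime);
        _entries[Hash(key)] = entry;
        return key;
    }

    // Second controller: TryRemove is atomic, so a key can be redeemed only
    // once even under concurrent requests. Expired keys are rejected.
    public HandoffEntry? Redeem(string key)
    {
        if (!_entries.TryRemove(Hash(key), out var entry)) return null;
        return entry.ExpiresAt > DateTimeOffset.UtcNow ? entry : null;
    }

    private static string Hash(string key) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(key)));
}

public static class Demo
{
    public static void Main()
    {
        var store = new HandoffStore(TimeSpan.FromSeconds(30));
        string key = store.Issue("constructed-subject-id"); // constructed sample value
        Console.WriteLine(store.Redeem(key)?.SubjectId ?? "rejected"); // first redemption
        Console.WriteLine(store.Redeem(key)?.SubjectId ?? "rejected"); // same key replayed
    }
}
```

The second controller would issue the new auth cookie only when `Redeem` returns an entry, and the key should travel over TLS and be kept out of logs, since anyone holding it within its lifetime can redeem it.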