Custom data validation (not email and password)

Hi Community,

I have the following use case. I want Okta to ‘authenticate’ a set of custom data, Confirmation Code, and SSN-like code and then generate the token if it is valid.

That is in a nutshell.


I have a native desktop app that requires a token to talk to our backend. This app is for exam takers; therefore, they don’ need a username or password because they don’t have accounts. We do need to confirm an SSN-like ID (pseudo username/email/whatever id) and a secret confirmation code (password) that identifies them.

I am not sure if I can configure Okta to do this validation OR, do I need to do the validation upfront and then request a token to Okta?

Thank you in advance!

There is a mechanism in Okta, called inline hook, which you can use to generate the token -

The problem I see in your architecture is - if there is no user created in Okta, there is no chance you can generate anything at all :slight_smile: as Okta is an identity provider in a nutshell. The only scenario I see for your requirements would be your local validation of the custom data, and then to go Okta as a known Okta user (with credentials) to obtain an access token for your application