Hello. I have this sort of problem. I created a custom login url for my application: auth.example.com (where example is my real domain)… I’m serving a spa wrote in angular at the domain administration.example.com
When I click a login button in administration.example.com I’m redirect in the login page based on auth.example.com. Now if I insert the credentials and login I’m correctly redirect in my site. But if instead of insert the credential I refresh the page, login for appears again, but after the login user is not redirect in my application administration.example.com…he is redirect in the okta panel where he can also add application with the “add application button”. How can avoid this?
Second question: I also customized the login page form but when the login form appears after I clicked login button in my administration.example.com page, I see the default login form (okta logo isn’t hidden by my custom js) but if I refresh the page I see the correct login form (where okta logo is correctly been hidden by my custom js).
How can I solve these 2 problems?
Ok, maybe I found the answer at my second question. Any help about the first one?
Default behavior is indeed to redirect to the home page. We also had this use case.
Basically what we do is catch the success response and set the redirect. Following is javascript code for the widget.
// “config” object contains default widget configuration
// with any custom overrides defined in your admin settings.
var config = OktaUtil.getSignInWidgetConfig();
// Render the Okta Sign-In Widget
var oktaSignIn = new OktaSignIn(config);
oktaSignIn.renderEl(
// Assumes there is an empty element on the page with an id of ‘osw-container’
{el: ‘#okta-login-container’},
function success(res) {
var url = window.location.href ;
console.log(url);
// The user has successfully completed the authentication flow
if (res.status === ‘SUCCESS’) {
console.log(res.user);
if(url.includes(“password-reset”)){
res.session.setCookieAndRedirect(‘your-redirect-url’);
} else {
res.session.setCookieAndRedirect(‘redirect-to-okta-anyway/app/UserHome’);
}
return;
}
},
function error(err) {
// The widget will handle most types of errors - for example, if the user
// enters an invalid password or there are issues authenticating.
//
// This function is invoked with errors the widget cannot recover from:
// 1. Known errors: CONFIG_ERROR, UNSUPPORTED_BROWSER_ERROR, OAUTH_ERROR
// 2. Uncaught exceptions
}
);
in this case you will always redirect to your home page. Reason for refresh is that you lose all context so Okta falls back to default behaviour, which is the homepage
You can drop my if logic btw, just a success with setCookieAndRecirect should do the trick
Thank you for your response 
I tryied but I get an error since res doesn’t contain a session field, so when I try to call res.session I get an error: Uncaught TypeError: Cannot read property ‘setCookieAndRedirect’ of undefined