Hi all,
I have been grappling with this implementation for a few weeks now as I’m relatively new to token-based authentication, and most of our codebase is built out. We have a MAUI mobile app and a .NET framework that both utilize Okta’s sign-in widget to log in via user credentials. Currently we would like to embed a webpage from our site into the Mobile app, but without having the need to enter user credentials again. My idea is to use the WebView in MAUI to get the URL to embed, but the re-authentication portion is what I am having difficulties with.
Currently we are not on Identity Engine (yet!), so I am wondering if it makes the most sense to utilize the new Session APIs there to handle this after we upgrade. Another potential solution is to hit the authorize endpoint with the refreshToken (from mobile app to Web) and set up a session with user details?
I have been reading through documentation for awhile and it really feels above my head, so any direction would be great. Let me know if I can provide more info and I can do my best there. Thanks!