I currently have a scenario where the client has a JWT that’s signed by Apple. I’ve also configured Apple as a Identity Provider for our authorization server (so Sign In With Apple works). What I want to do is for the client to be able to use the Apple signed JWT to authenticate with Okta and get an Okta signed JWT token back.
Basically, what’s specified here: https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-12#section-2
Is that possible?
Thanks.
Hi @LyrianH,
Token exchange feature is not yet available, but this is something that Okta is working internally and will be available soon.
Thanks! Do you have an ETA? Also, in the meantime, is there anyway I can get a Id-Token on behalf of an user in Okta? Or is this scenario entirely impossible at this point?
We don’t have an eta at the moment. Would you be able to create a Support case mentioning your company, contact info and the detailed use case ? We could let you know when the feature is available in Beta.
Thanks !
Thanks! And can you confirm that there is currently no other way of getting an ID-Token on behalf of an user?