Is it possible to call the Get Current Session API (/api/v1/sessions/me) from the server side? Every time I call it (C#) I get ‘404’ even if I have an Okta session.
If I call it using JavaScript, I get a response when I have an Okta session.
Is this API only meant to be called on the client? The client call doesn’t fit into our workflow.
Since your application domain would not match your Okta domain, the browser would not send the Okta cookie to your server, and unless you have the Okta session cookie value on the server side, this call cannot be made from the server; it will have to be made from the client side. On the client side, the browser will automatically pass the Okta cookie, which Okta will use to identify whether the session is valid and provide details about the user. What is the user workflow? You may have to look at an alternative way of getting session details or find a way to pass the info from the client to the server.
Here’s an example that retrieves the current session from the client side:
```javascript
var baseUrl = 'https://yourOktaCompany.okta.com';
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr) {
    // Fires on network failure or when the browser blocks the cross-origin request.
    xhr.onerror = function() {
        alert('Invalid URL or Cross-Origin Request Blocked. You must explicitly add this site (' + window.location.origin + ') to the list of allowed websites in the administrator UI');
    };
    xhr.onload = function() {
        alert(this.responseText);
    };
    xhr.open('GET', baseUrl + '/api/v1/sessions/me', true);
    // Required so the browser attaches the Okta cookie to the cross-origin call.
    xhr.withCredentials = true;
    xhr.send();
} else {
    alert("CORS is not supported for this browser!");
}
```
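Why the application server never receives the Okta cookie, as an added example that is not part of the original thread: a simplified model of browser cookie scoping using RFC 6265 domain matching. The host `app.example.com` and the cookie names `okta_session` and `app_session` are constructed placeholders, not Okta's actual names.

```javascript
// Simplified model of RFC 6265 cookie scoping. Only domain matching is
// modelled; Path, Secure, SameSite and the public-suffix check are ignored.
// Hosts and cookie names are constructed for illustration.

// RFC 6265 section 5.1.3: a host domain-matches a cookie domain when the two
// are identical, or the host ends with "." + domain and is not an IP address.
function domainMatches(host, cookieDomain) {
  host = host.toLowerCase();
  cookieDomain = cookieDomain.toLowerCase();
  if (host === cookieDomain) return true;
  const isIp = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(':');
  return !isIp && host.endsWith('.' + cookieDomain);
}

// Jar entry a browser would create when `setByHost` returns Set-Cookie.
// Without a Domain attribute the cookie is host-only (exact host match).
function storeCookie(setByHost, name, domainAttr) {
  if (domainAttr) {
    const domain = domainAttr.replace(/^\./, '').toLowerCase();
    // A server may only scope a cookie to its own host or a parent domain.
    if (!domainMatches(setByHost, domain)) return null;
    return { name, domain, hostOnly: false };
  }
  return { name, domain: setByHost.toLowerCase(), hostOnly: true };
}

// Names of the cookies the browser would attach to a request for `url`.
function cookiesFor(url, jar) {
  const host = new URL(url).hostname;
  return jar
    .filter(c => (c.hostOnly ? host === c.domain : domainMatches(host, c.domain)))
    .map(c => c.name);
}

// Constructed jar: one cookie set by the Okta org, one by the application.
const jar = [
  storeCookie('yourOktaCompany.okta.com', 'okta_session', null),
  storeCookie('app.example.com', 'app_session', null),
].filter(Boolean);

console.log(cookiesFor('https://yourOktaCompany.okta.com/api/v1/sessions/me', jar));
console.log(cookiesFor('https://app.example.com/dashboard', jar));
```

The request to the application host carries only the application's own cookie, so server-side code there has no Okta session cookie to forward.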
Your code snippet works great from Chrome, but always returns error “E0000007”, no session found, when run in IE11. Is there something blocking IE11 from reading the session cookie? How can I get an existing session from IE11?
The browser policies allow CORS, and I can authenticate and redirect just fine. Every test I have done in IE11 tells me that I don’t have an active Okta session though. This is perplexing because the same code works perfectly well in Chrome.
Is there some special way to set the Session in IE11? I am currently using the OktaSignIn widget for JS.