Getting user info from Session token

Questions
1

I am using Okta’s sign-in widget
once user signs in I get session token in my javascript. The i send it to my backend to verify and “completely” login user.
How can i get user’s information if have session token
Im trying to use GetCurrentUser api but it needs “api_token” and i am not sure where to get it.
Docs say “Fetches the current user linked to API token or session cookie”
But i have only session token.

https://developer.okta.com/docs/reference/api/users/#get-current-user

https://developer.okta.com/code/javascript/okta_sign-in_widget/

2

@gevorgter

In the signin widget doc you attached, you can refer the below use case to get userinfo and tokens.
https://developer.okta.com/code/javascript/okta_sign-in_widget/#use-cases

oktaSignIn.authClient.token.getUserInfo().then(function(user) {
        document.getElementById("messageBox").innerHTML = "Hello, " + user.email + "! You are *still* logged in! :)";
        document.getElementById("logout").style.display = 'block';
      }, function(error) {
        oktaSignIn.showSignInToGetTokens({
          el: '#okta-login-container'
        }).then(function(tokens) {
          oktaSignIn.authClient.tokenManager.setTokens(tokens);
          oktaSignIn.remove();

          const idToken = tokens.idToken;
          document.getElementById("messageBox").innerHTML = "Hello, " + idToken.claims.email + "! You just logged in! :)";
          document.getElementById("logout").style.display = 'block';

user’s info can also be added to id token by adding custom claims.
https://developer.okta.com/docs/guides/customize-tokens-returned-from-okta/add-custom-claim/?_ga=2.97334679.923389476.1629220709-1030317562.1629143595

3

Thanks, but once user signed in i want to send token to back end and get user information (the one that is returned by getUserInfo) via Okta’s APIs.
I can not find one that would take session token.

4

@gevorgter Here is a related discussion for how to get access token from session token.

5

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.