How to authenticate user to get SAML response without a browser (sign-in page)

Hi Okta expert,

We are going to develop a ZTNA test (based on SAML) product which will take Okta as the IdP. We are facing some challenges in how to authenticate a user with the IdP and get the SAML assertion through an API call (without relying on the web browser’s sign-in page). Is there an API from Okta for user authentication and returning the SAML response through just HTTP POST/GET?

I noticed there is an API for OpenID Connect. I can use the API to log in a user (an HTTP POST request with username and password), and I get the sessionToken after the user logs in. Then I can use the sessionToken in the API to get the authentication code, and then get the access token/ID token.

I need a similar API for SAML. Can you please help confirm/clarify this – sign in a user and get the SAML response without the sign-in page, but simply through the API?

Like most SSO protocols, I believe SAML is designed to be completed in a browser as it involves a redirect to the IdP. I don’t know if there is a way to achieve this via direct API calls.

Thanks, I understand what you mean, but can you forward the question to the engineering team to see if anyone can confirm?