How to Create SID (session id)

I have following use case and would like to create my own session id, can someone give directions

Step 1. Once user enters userid, password i call below okta rest api from a microservice

Step 2. I get 200 (success) status code and SessionToken from above call

Step 3. I need to make a below call to create Session Id (SID)


My question is how to populate following parameter values for above okta api call ?

Thanks in advance.

Hi @lkeerthi,

You’re in the right direction.
The state and nonce values should be filled by the client, and these can be any value that you need.
Generally, clients generate a random value for each invocation and call the /authorize endpoint.
As to why we need the state and nonce values, read this -

At a high level, state value protects against CSRF attacks to the client, while nonce protects against replay attack.

Thanks for review and response @vijet .
Just one side question on this context, is there any api available to get Session Id (SID) without redirection ? Just request and response so that i can create Session Id cookie my self.
Thanks in advance.

Hi @lkeerthi,

You can use the Sessions API to set the session cookie yourself.
Take a look at this -
At a high level, you pass this endpoint the sessionToken you’ve obtained, and it’ll return you a session object.

Hope this helps. Good luck!

Thank you for right pointers @vijet. Yes, this what exactly i’m looking for for my use case.
Thank you again.

1 Like

@vijet -I’m able to get session object based on /api/v1/sessions api call.
Now i need to create a okta SSO cookie based on this session object. Can you suggest steps for that. Our platform uses other application which uses Okta SSO.
Thanks in advance.