How to handle ajax request with Okta on my project

Hi, everyone.
I’m currently working on my project for passing my study and earn diploma. My topic is “Social Website for RPG players”. I could do it really simple, but I want to improve my skills by doing it.

What do I want to achive?
I tought that it would be great if I splited entire application into independent pieces, indepentent mini-applications and bound them together by using iframes.

Where do I want to deploy this website?
Heroku, because I’m currently on intern in Salesforce department in my company and I want to also practice my Salesforce skills and I want to integrate my website with Salesforce (by Heroku connect or Salesforce connect or similar things).

What’s my problem?
I want to (and I have to) provide feature that every mini-applications use the same authenticate and authorize users and because that I created my developer Okta account yesterday.

Problem is simple. I already tried few solutions, but none worked accordingly to my requirements, so I’m stuck and I don’t know what to do. I know, it would be the best using SSO, but when I read it, I don’t even know what I read, not to mention about implementation. So I’m kindly askig you about some advices. What should I learn? Where should I go?

What are my requirements?
I’m writing in PHP and I’m not using “big and popular” frameworks like Laravel, Codeigniter, Symfony, etc. Instead I created my mini-framework that I pushed into my github and I want to use it by composer (from Packagist repository). It’s a skeleton for all of my mini-applications.

You can see it here:

My enter point is “http://localhost/massfice-social-app/public/html/init”. I’m using xampp.

“massfice-social-app” is a directory within “C:/xampp/htdocs”
“public” is a directory within “massfice-social-app”
“html” and “init” are pretty urls which handling I implemented.

Basically every request is redirected to public/index.php that contains this code:

require_once dirname(__DIR__,1)."/vendor/autoload.php";
use Massfice\SocialApp\cSocialApp;

cSocialApp contais following code:

public static function start() {
        $okta = cOkta::run();

I wanted to check if user is logged on using cOkta:run() (yeah, it’s my own class but it’s not implemented).

This request “http://localhost/massfice-social-app/public/html/init” renders following html code:



    <title>{block name="title"}Default Title{/block}</title>
    <script src=""></script>
        var uri = "{$uri}";
        var config = "{$config}";
    <script src="{$path}js/engine.js?v=2"></script>
    {block name="addons"}{/block}


    {block name="header"}{/block}
    <div id="body"></div>
    {block name="footer"}{/block}


(It’s a Smarty template)

And “{$path}js/engine.js?v=2” is my very simple “javascript engine” that contains

function go(action, element) {
    $.get( uri + action + config, function( data ) {
        $( "#" + element ).html( data );

window.onload = function() {

Basically when window is loaded, my browser sends second request to “/massfice-social-app/public/html/default” and renders <div id="body"></div> content.

I wonder what I should do. I want to use my function “go” to performing navigation on my mini-application page or even for using with js web sockets in future (for example: chat).

I tried jwtVerifier, okta-ouht-js (maybe I should handle Okta with javascript), I tried to read about another methods and I watched few youtube tutorials (but it was about another “big and popular” frameworks).

And I’m in hurry a bit, so could I count on your precious help? Really thanks.

I was thinking about:
a) making another web server for handling Okta (like Laravel, Symfony or even Spring, but I’ve not made programs in Java for really long time) and making request to it each time from my cOkta class and “asking” this server: “Is user logged on or not?”
b) using Okta API
c) Learn React / Angular and make callouts for json response and implement Okta in React / Angular. Yeah, my mini-framework supports json responses.

What do you think?
Really thanks for any replies.

Have a nice day :).