I want to be able to access the access token between subdomains. So imagine I log in with Okta under https://main-domain.com. I want to then be able to go to https://subdomain.main-domain.com without the need to ask the user to log in again. How can I do that? What should my configuration be like, and what methods of the Okta JavaScript SDK can I use to achieve this?
Hello,
SSO is based off of the Okta session, which will be tied to the domain you used to authenticate into Okta: either the Okta domain URL or a custom domain URL if your Org has that set up.
For SSO where your app authorizes into Okta, it doesn't matter if they share the same parent domain or if one is a child of another; it is the session tied to the Okta domain that matters.
Setting up a custom domain in Okta and having your applications as sibling domains or child domains of that custom domain has advantages when using the Okta Sessions API to check for an existing Okta session. In this scenario you don't need to be worried whether a browser has 3rd party cookies enabled or not for the Sessions API to function.
As far as sharing tokens between applications, this is not a recommended setup. Each application should acquire its own set of tokens.
Thank You,
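
An added example (not part of the original posts and not Okta's own code) of the pattern the answer describes: each app checks for an existing Okta session and silently requests its own tokens instead of reading another app's. The function name `ensureOwnTokens` and the placeholder issuer and client ID are assumptions; `authClient` is assumed to be an `OktaAuth` instance from `@okta/okta-auth-js`.

```javascript
// Added example. Each app (main domain and subdomain) creates its OWN client
// with its OWN clientId, for instance (placeholders, not real values):
//   const authClient = new OktaAuth({
//     issuer: 'https://<your-okta-domain>/oauth2/default',
//     clientId: '<this-app-client-id>',
//     redirectUri: window.location.origin + '/login/callback',
//   });
// The function only needs the client object, so it can be exercised with a stub.
async function ensureOwnTokens(authClient, scopes = ['openid', 'profile']) {
  // 1. Reuse tokens this app already obtained for itself, if still valid.
  const cached = await authClient.tokenManager.getTokens();
  if (cached.accessToken && !authClient.tokenManager.hasExpired(cached.accessToken)) {
    return { source: 'cache', tokens: cached };
  }

  // 2. Ask Okta whether the browser already has an Okta session.
  //    This call depends on the Okta session cookie being sent, which is
  //    where the third-party cookie concern from the answer comes in.
  let hasSession = false;
  try {
    hasSession = await authClient.session.exists();
  } catch (err) {
    hasSession = false; // treat an unreachable Sessions API as "no session"
  }

  // 3. Session present: request tokens for THIS app without prompting.
  if (hasSession) {
    try {
      const { tokens } = await authClient.token.getWithoutPrompt({ scopes });
      authClient.tokenManager.setTokens(tokens);
      return { source: 'silent', tokens };
    } catch (err) {
      // Silent request refused (session expired, cookies blocked, app not
      // assigned to the user): fall through to a full redirect.
    }
  }

  // 4. No usable session: send the user through the normal Okta login.
  //    If an Okta session does exist, Okta returns without showing a form.
  await authClient.signInWithRedirect();
  return { source: 'redirect', tokens: null };
}
```

Because every app runs this against its own client ID, the access token each one receives is issued for that app alone, and no token has to be stored where another origin can read it.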