I’m new to Okta so please bear with me.
My scenario is as follows:
Application B: Okta SAML application to enable federated authentication with a 3rd party application.
User is provided with a link(X), if successfully authenticated, user is redirected to 3rd party application with SAML assertion. Successful redirect open the 3rd party application. 3rd party applicaiton also provide REST APIs for data retrieval.
Application A(our): Okta application for a JVM based client. setup as OIDC (but can be changed)
Use case: User logs in Application A. Application A needs to retrieve data from 3rd party via REST APIs. Since user is already logged in, we do not want to prompt user to enter credentials again.
Question: how can we retrieve data from application B via APIs?
tried: Oauth ‘Authorize code’ flow with application A. JVM get access_token and id_token but they can’t be user with link X.
Any help is appreciated.
*edit: made correction to show correct calling application.