Hi and thanks for the help in advance,
I have an existing web application that I'm hoping I can integrate with some existing clients' Okta accounts. The main point of contention is that my web app has a few things like user_id, company_id, etc. that are usually a part of the JWT claims. So to add these claims, I'm having to force my existing clients to update their user attributes / claims to accommodate my application's JWT requirements. Which, even if they do that, doesn't actually properly set those values.
If nothing else, being able to set a user_id on the callback route seems like it would satisfy my issues. So my question is, how do I set up a user after they log in via Okta on the callback route?
Just to keep replying to myself. I ended up using JWT to verify that the authentication with Okta was a success, then issued my own JWT token after authentication in the callback route. This means of course I'm not using the JWT validator from Okta (after that initial authentication check) and am not pushing any customer information from my web app back into Okta. This doesn't feel like it's ideal but I wasn't able to find any documentation that made sense around my use case.
That use case being:
We are an existing webapp
We aren't using Okta but our clients are
We need some way to have custom private claims in the token, like 'role', 'user_id', etc.
So I'll keep reviewing tickets here and see if things ever match up. But for now the documentation to integrate with Okta seems lacking and if you run into a similar issue, good luck.
It would be great if Okta had a community Slack or consultants I could throw money at for information around the integration issues I experienced. But so far no dice.
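
An added example, not part of the original posts: a sketch of the callback-route exchange described above, where the Okta ID token is checked once and the app then issues its own token carrying `user_id`, `company_id` and `role`. It assumes the ID token's signature was already verified against the client org's published keys by a JWT library; every issuer URL, client id, secret and account below is constructed, and the function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

# All values below are constructed for the example.
APP_SECRET = b"constructed-demo-key-load-from-a-secret-store"
APP_ISSUER = "https://app.example"
# One entry per client Okta org the app trusts: issuer -> expected client id, local company.
TENANTS = {"https://acme.okta.example": {"client_id": "0oa-constructed", "company_id": 7}}
# Local accounts keyed by (issuer, subject), not by email, so one org cannot assert another's users.
USERS = {("https://acme.okta.example", "00u-constructed"): {"user_id": 42, "role": "admin"}}

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(signing_input):
    return _b64(hmac.new(APP_SECRET, signing_input.encode(), hashlib.sha256).digest())

def exchange(idp_claims, expected_nonce, now=None, ttl=900):
    """Turn the claims of an already signature-verified ID token into an app token."""
    now = int(time.time()) if now is None else now
    iss, aud = idp_claims.get("iss"), idp_claims.get("aud")
    tenant = TENANTS.get(iss)
    if tenant is None:
        raise PermissionError("unknown issuer")
    if tenant["client_id"] not in (aud if isinstance(aud, list) else [aud]):
        raise PermissionError("token was issued to a different client")
    if idp_claims.get("exp", 0) <= now:
        raise PermissionError("ID token expired")
    nonce = str(idp_claims.get("nonce", ""))
    if not expected_nonce or not hmac.compare_digest(nonce.encode(), expected_nonce.encode()):
        raise PermissionError("nonce mismatch")
    user = USERS.get((iss, idp_claims.get("sub")))
    if user is None:
        raise PermissionError("no local account for this subject")
    payload = {"iss": APP_ISSUER, "sub": str(user["user_id"]), "iat": now, "exp": now + ttl,
               "user_id": user["user_id"], "company_id": tenant["company_id"], "role": user["role"]}
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(payload).encode())
    return f"{head}.{body}.{_sign(head + '.' + body)}"

def verify_app_token(token, now=None):
    """Check the app's own token on later requests; returns its claims."""
    now = int(time.time()) if now is None else now
    head, body, sig = token.split(".")
    if not hmac.compare_digest(sig.encode(), _sign(f"{head}.{body}").encode()):
        raise PermissionError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims.get("iss") != APP_ISSUER or claims.get("exp", 0) <= now:
        raise PermissionError("wrong issuer or expired")
    return claims
```

The private claims come only from the app's own records, so nothing has to be added to the clients' Okta profiles; the ID token contributes just the issuer and subject used for the lookup.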