Is it possible to generate user sessions using Okta APIs?

My objective is that users who have already logged in to our application “A” (which doesn’t have any integration with Okta) move to application “B” (which is connected to Okta for SSO). Can we automatically log in those users by generating user sessions (Okta and application) without prompting a login page?

Like generating IdP sessions by using the Okta authentication APIs, or is there a way to achieve this?

Hello! I think inherently this would be a difficult task and maybe even go against best practice. In the end, whether you have a user input their credentials or you do it under the hood, you will need to submit user credentials to Okta at some point. So this would mean the credentials the user submitted to log in to App A:

  1. Would need to match the credentials of their Okta user.
  2. You would be saving their unhashed password to then submit to Okta.

Between our authn and sessions APIs you certainly can create an Okta session, so maybe if #1 holds true you could run those API calls at the point of the user logging into App A.

My suggestion would be to try and refactor your App A login to log a user directly into Okta. This would make Okta your single source of truth and then SSO would be much more streamlined.

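The flow the answer describes, as an added example that is not part of the original posts or Okta's own code: App A forwards the credentials to the Okta Classic `/api/v1/authn` endpoint at login time, without storing them, and exchanges the one-time `sessionToken` for a browser session through `/login/sessionCookieRedirect`. The org URL, App B URL, function names and sample responses are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlencode
from urllib.request import Request

OKTA_ORG = "https://example.okta.com"  # assumed placeholder org URL


def build_authn_request(username: str, password: str) -> Request:
    """Primary-authentication call, built while App A handles the login.

    The password comes from the live login request only and is never
    written to storage, which is the risk point 2 of the answer raises.
    """
    body = json.dumps({"username": username, "password": password}).encode()
    return Request(
        f"{OKTA_ORG}/api/v1/authn",
        data=body,
        headers={"Accept": "application/json", "Content-Type": "application/json"},
        method="POST",
    )


def session_redirect_url(authn_response: dict, app_b_url: str) -> str:
    """Turn a SUCCESS authn response into the redirect that sets the Okta session cookie."""
    status = authn_response.get("status")
    if status != "SUCCESS":
        # MFA_REQUIRED, LOCKED_OUT, PASSWORD_EXPIRED, ...: no silent session,
        # the user has to go through the Okta sign-in page instead.
        raise PermissionError(f"Okta sign-in not complete (status={status})")
    token = authn_response.get("sessionToken")
    if not token:
        raise ValueError("SUCCESS response without sessionToken")
    # The session token is one-time and short-lived: redirect immediately, never log it.
    query = urlencode({"token": token, "redirectUrl": app_b_url})
    return f"{OKTA_ORG}/login/sessionCookieRedirect?{query}"


# Constructed sample responses (not real tokens)
SAMPLE_SUCCESS = {"status": "SUCCESS", "sessionToken": "CONSTRUCTED-ONE-TIME-TOKEN"}
SAMPLE_MFA = {"status": "MFA_REQUIRED", "stateToken": "CONSTRUCTED-STATE-TOKEN"}

if __name__ == "__main__":
    req = build_authn_request("user@example.com", "password-from-login-form")
    print(req.get_method(), req.full_url)
    print(session_redirect_url(SAMPLE_SUCCESS, "https://app-b.example.com/"))
```

This only works when the App A and Okta credentials match, as point 1 of the answer notes; any status other than `SUCCESS` means the user still has to see an Okta prompt.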