Is it possible to generate a user sessions using Okta APIs

My objective is that users who already logged in with our application “A” ( this doesn’t have any integration with Okta) move to application “B” ( this has connected with Okta as SSO ), Can we automatically logged in those users by generate user sessions ( Okta and Application ) without prompt login page.

like generate IDP sessions by using Okta authenticate APIs or is there a way to achieve this ?

Hello! I think inherently this would be a difficult task and maybe even go against best practice. In the end, whether you have a user input their credentials or if you do it under the hood - you will need to submit user credentials to Okta at some point. So this would mean the credentials the user submitted to login to App A:

  1. Would need to match the credentials of their Okta user.
  2. You would be saving their unhashed password to then submit to Okta.

Between our authn and sessions apis you certainly can create an Okta session, so maybe if #1 holds true you could run those api calls at the point of the user logging into App A.

My suggestion would be to try and refactor your App A login to log a user directly into Okta. This would make Okta your single source of truth and then SSO would be much more streamlined.