Documentation says that there is only one way to create session - using sessionToken (Sessions | Okta Developer).
But, I found that there is at least one more way to create session - by providing “username” and “password” in the body of the request.
My question is: is there any way to create session using IdToken (that was returned by login widget)?
There is not a way to create an Okta session with an id_token.
Providing user/pass when doing /authn would return a sessionToken that can be exchanged for a session cookie after successful authentication.
If you are using the widget for login, you should definitely be seeing a session cookie get set on the Okta domain. Presuming your browser is not set to block 3rd party cookies (see this article for more info on that), you should be able to make a fetch request to /sessions/me aka AuthJS’ session.get() to get information about the user’s session (presuming its still valid/hasn’t expired)