Hello guys, I’ve a question regarding the OIDC SSO flow:
- I plan to use Okta to generate an OIDC token that my application will use to log in the user.
- I want to start using the SSO link provided by Okta (the link that we get when clicking on the app badge in the Okta dashboard), so my users will access Okta and then they’ll be redirected to my app.
- My app is a static SPA. The backend of the SPA will validate the id token passed by the SPA in the
Does this make sense so far?
Now my problem:
The SSO link generated by Okta will redirect to my app using a POST request. As I said, my app is just a SPA, so it cannot handle POST requests.
How is this usually done?
Should I stop using the SSO link? (the implicit OIDC flow redirects to my app using GET, so I don’t really know why the SSO link works in a different way)
Is there any special app configuration that will allow me to change how the SSO link redirects to my app?