I have an ASP.NET Core Razor Pages web app that uses the Authorization Code flow and Okta sign-in widget. I’m in the process of migrating to a React SPA with okta-auth-js (with PKCE). The migration will take a few months, and I’d like to allow users who log onto the React SPA to use some sort of SSO to log onto the ASP.NET Core app to access views that we haven’t migrated yet.
The ASP.NET Core app and React SPA use the same authorization server but different Okta Applications (client ids).
Can anyone give me some pointers on whether this is possible and, if so, how to get started?