Hi,
I have a Java app, and I need to integrate OKTA.
I need to log in to the app with an Okta account, and get the user’s group list from OKTA.
I got the login part working (authorization code flow).
When the groups are included in the token (“claims”) – I’m good.
But I need help with fetching the groups in an API call, because I need to support the “no groups claims” scenario.
I can’t use Spring, so I’m coding against the protocol, on server side.
I need to make the API call for the groups behind the scenes, silently, with an access token (can’t use an API token).
1 – Is there a permission I need to add to the user to enable the API call?
2 – Do I need to request a special access token for the API call? How?
3 – When I call {okta-url}/api/v1/users/me in the browser window, I see a lot of cookies being sent, including ‘sid’ (identifies the session?). How can the server side get these cookies (or just the sid cookie) without involving the browser?
4 – Any other info on this is welcome.
Thanks in advance