We use a self-hosted login page (without the sign-in widget) using the authn API through okta-auth-java. After successful login, the user is redirected to the /authorize endpoint with the sessionToken generated by the authn API. Our main requirement is to have a session in Okta for other SSO applications.
We are planning to migrate to identity engine but we don’t see a good solution for our requirements. We have confirmed that the current flow still works on identity engine and okta dashboard sets the idx cookie after successful authorize call, but we are aware that we should move away from authn API. We tried to use okta-idx-java, but the interaction code flow doesn’t work for us due to the SSO requirement.
Is there any other way to authenticate using identity engine while keeping SSO working and setting idx cookie? Unfortunately, we can’t use the login page hosted by okta due to customization of our login page.
I analyzed how the sign-in widget works in the Okta dashboard and I see that after calling the authorize endpoint with my clientId, the sign-in widget generates a stateToken. After successful login, the user is redirected to https://example.oktapreview.com/login/token/redirect?stateToken=02.id.stateTokenValue, which triggers a successful authorize call with the idx cookie. Is this redirection possible for a self-hosted sign-in page?