New Okta custom application

Hi there,

I must start by saying that I am not an Okta expert, nor am I the Okta Admin in my organization, but as part of my role as a Product Engineer, I’m investigating a possible integration through Okta, which is being used as our IdP.
I would like to create, under our Okta, a new custom application which will do the regular authentication with our Atlassian Confluence, but also get the Confluence token and refresh token received post-authentication and send them to a specific third-party API (for an on-prem product installed on our machines).
The ideal would be to have an Okta login page, to automatically authenticate with the new application.
I’m wondering how this can be done, and if anyone has done something similar in the past.

Thanks in advance!

Hi RoyD! From what I understand, Okta is your IdP and Atlassian Confluence is your SP (service provider). You want Okta to identify the user (authenticate) AND authorize them to your specific APIs. I did a Google search and found this: https://confluence.atlassian.com/enterprise/openid-connect-for-atlassian-data-center-applications-987142159.html. It says that:

  1. OpenID Connect is an identity layer on top of the OAuth 2.0 protocol. It enables client applications to rely on authentication that is performed by an OpenID Connect Provider to verify the identity of a user.
  2. OpenID Connect only handles authentication.

Which means Okta (OpenID Connect Provider) is not set up to provide/get access tokens or refresh tokens to send to a specific third party, but rather only to provide an ID token.

The authorization (OAuth) part may be handled by Atlassian authorization servers instead; that’s if they are built to do that.

That’s pretty unfortunate, but thanks a lot, Sigama, for your response.