I am trying to build an end-to-end application having Custom Sign-in Page (built with NEXTJS) which will call one /sign-in API on the backend (built on NodeJS) which is using okta-auth-js to perform signing with credentials and to provide signing response to Client application.
On Front-end, trying to leverage NextAuth’s Credential Provider flow to call this /sign-in API with credential received from the custom sign-in component and get active session.
I want to achieve proper OKTA SSO with this kind way of implementation on browser end so that other OKTA SSO linked application (running in browser) can also have access to this session and SSO can be achieved. I need to have my custom signing page as a requirement.
- If this flow can be achieved?
- Sign-in API is responding properly with active session token. How I can leverage this response to create active OKTA session on browser so that other app can perform sign on with OKTA?
(I tried to set header coming from signInWithCredentials method response of okta-auth-js, but it still didn’t worked)
I tried to implement Redirect flow with active session token from frontend but unable to handle it with Next JS.
Created on callback page to handle response after successful redirect and complete /v1/token flow but getting
on /v1/authorize redirect state.
I have to bypass OKTA Hosted Signin Widget and use my own signin page and API.
If anyone have any better suggestion… do let me know.