I have a web application that uses a React frontend served on port 3000 and a NodeJS server running on, say, port 3001, and I can’t seem to figure out how to create an Okta session between the two.
How do I go about creating a session between the two so that when a user makes requests from the React frontend, their user info object is available in the request so that my Node server can use that information to determine if the resource is accessible by that user?
There are documents on how to do SSO authentication with React to secure specific routes/pages, and there are docs on securing a simple REST server. But nothing on them combined. What I need and can’t seem to figure out is this…
User navigates to the web app running on port 3000, the web app redirects them to Okta to be authenticated. Once back on the web app, the user clicks a button that makes a call to the Node server running on port 3001. The Node server needs to be able to get the authenticated user's info, such as permissions, from the request object.
How is this done? Any help is much appreciated!