I have implemented 2 OIDC SPA apps that are accessible through a direct link or through the Okta dashboard. I have a question that I can’t answer from reading the Okta admin or developer documentation, so I’m trying here.
The redirect URI has this format: https://app.client.com/login/callback
But when we try to reach the app using Okta’s App Embed Link, SSO works fine but the final URL has this format: https://app.client.com/login/callback?iss=https%3A%2F%2Ftenant.okta.com
I know iss stands for issuer, but why is it in the URL as a parameter, and what can we do to avoid this?
This is the configuration of our app: