I followed the sample OIDC app, created an application at https://dev-85466444-admin.okta.com, and was able to write some code locally to test it out. Everything worked, and dev Okta was able to redirect to my local box.
When my IT team tried to set me up with the corporate Okta app, Okta won't redirect the call back to my application. The user is landing on the Okta home page. Here is the code that gets passed from the browser:
```php
global $OAUTH2_CLIENT_ID, $ISSUER;

session_start();
$_SESSION['state'] = hash('sha256', microtime(TRUE).rand().$_SERVER['REMOTE_ADDR']);

$query = http_build_query([
    'client_id' => $OAUTH2_CLIENT_ID,
    'response_type' => 'code',
    'response_mode' => 'query',
    'scope' => 'openid profile',
    'redirect_uri' => 'http://10.14.80.123/myapp/restapi/v1/auth/okta/callback',
    'state' => $_SESSION['state'],
    'nonce' => microtime()
]);

header('Location: ' . $ISSUER . '?' . $query);
exit();
```
Here, $OAUTH2_CLIENT_ID is the client ID you get after creating the OIDC app, and $ISSUER is https://mycompany.okta.com. The URL http://10.14.80.123/myapp/restapi/v1/auth/okta/callback is set as the login redirect URL in the OIDC settings. The browser redirects to my organization’s Okta app, but upon authentication, instead of redirecting the user back to my application, the user lands on the Okta home page https://mycompany.okta.com/app/UserHome
Am I doing anything wrong? Have the parameters changed?
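
An added example, not part of the original post and not Okta's sample code: the same authorization request built against the `authorization_endpoint` taken from the issuer's OIDC discovery document, with `state` and `nonce` drawn from `random_bytes` and kept in the session so the callback can check them. The metadata array, its endpoint path, the client ID placeholder and the helper names are assumptions constructed for illustration.

```php
<?php
// Added example; metadata, client id and helper names are constructed placeholders.

// Constructed stand-in for the JSON served at {issuer}/.well-known/openid-configuration.
$metadata = [
    'issuer' => 'https://mycompany.okta.com',
    'authorization_endpoint' => 'https://mycompany.okta.com/oauth2/v1/authorize',
];

function build_authorize_url(array $metadata, string $clientId, string $redirectUri, array &$session): string
{
    if (empty($metadata['authorization_endpoint'])) {
        throw new RuntimeException('discovery document has no authorization_endpoint');
    }
    // Unpredictable per-request values, both kept server-side for the callback.
    $session['state'] = bin2hex(random_bytes(32));
    $session['nonce'] = bin2hex(random_bytes(32));

    $query = http_build_query([
        'client_id' => $clientId,
        'response_type' => 'code',
        'response_mode' => 'query',
        'scope' => 'openid profile',
        'redirect_uri' => $redirectUri,
        'state' => $session['state'],
        'nonce' => $session['nonce'],
    ]);
    return $metadata['authorization_endpoint'] . '?' . $query;
}

function callback_state_is_valid(array $query, array &$session): bool
{
    $expected = $session['state'] ?? '';
    unset($session['state']); // single use, even when the check fails
    $received = $query['state'] ?? '';
    return is_string($received) && $expected !== '' && hash_equals($expected, $received);
}

// Offline run: a plain array stands in for $_SESSION.
$session = [];
$url = build_authorize_url($metadata, 'CLIENT_ID_PLACEHOLDER',
    'http://10.14.80.123/myapp/restapi/v1/auth/okta/callback', $session);
parse_str(parse_url($url, PHP_URL_QUERY), $sent);
$state = $sent['state'];
var_dump(callback_state_is_valid(['state' => $state, 'code' => 'x'], $session)); // first use
var_dump(callback_state_is_valid(['state' => $state, 'code' => 'x'], $session)); // replay
var_dump(callback_state_is_valid(['state' => 'forged'], $session));              // mismatch
```

The stored nonce is meant to be compared with the `nonce` claim of the ID token after the code exchange, which this block does not perform.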