We have a requirement to implement SSO authentication for Angular 5 app using Okta. The other applications in the enterprise that communicate with Angular use SAML authentication. Since there is no configuration available for Angular 5 with SAML authentication, we are planning to implement the Okta OIDC SSO where the user will login only once and then the access token will be stored in the local storage.
The token will be validated every time the user access the url and use silent refresh to renew the token.
Is there any other better option to implement the OIDC SSO other than storing in local storage? The requirement is the user should not be validating everytime after they close the browser or open a new tab. Please advice