Hi everyone
I have to perform SSO from one mobile app to a web app using a token exchange mechanism. According to Okta Configuration, both applications are “Native apps.” With the help of the android-sdk github document, I am able to perform SSO and SLO (single log out) within the app (it signs in user without asking creds again & reloads the first app screen with data of 2nd app).
I want to open the second app in webview inside the first app rather than refreshing the page. I can do this as well, but for some reason it doesn’t show that I’m already logged in and asks for creds on 2nd app.
I think this is happening because I need to pass the first app’s ID token & device-secret to the 2nd app & it needs to handle it and generate the access token, refresh token & id token for 2nd app.
I clearly use the android SDK for my first app, which is mobile, and the JS SDK for my second app(Web App); but, I’m wondering if there is a way to use the android SDK to pass the device secret and id token to the second app via WebView. I’d also like to know how to manage the received tokens and obtain access, refresh, and ID tokens for a second app using the JS SDK.
Any help is appreciated, thanks! 