We have a drupal site with a member base and content nodes created by that member base. We have a working iOS app that currently connects to the drupal site using oauth2 and drupal’s REST api.
But, we’re attempting to come up with a working proof of concept to support the idea of switching to Okta for SSO.
This far, we have:
Achieved a working authorization between the drupal site and an okta app that successfully logs-in a member on the drupal site through a web browser. This is using the openid_connect module.
We also have achieved an authorization with Okta SSO within the iOS app.
Here’s where we are stuck understanding what’s needed next…
The iOS app needs to use the Okta SSO to authenticate users who can then hit our Drupal REST API endpoints with a valid token that Drupal understands as authenticated. Currently there is a disconnect between iOS and Drupal using Okta SSO, as they can each authenticate, but, don’t know of each other’s authentications in order to properly communicate between iOS app and Drupal, after an authentication takes place.
How do we get Drupal REST API to recognize the iOS app’s successful login, so our Drupal REST api endpoints can allow GET and POST requests from the iOS authenticated users?
In the Drupal REST API settings for each endpoint, there are only “OAuth2” and “Cookie” methods of authentication. Where is “Okta”?