Okta auth login using company domain

I am in trouble with the description below. To integrate Okta with my projects, first I created an Okta application. Then, using clientId, issuer and redirectUri, I created an instance of Okta. When the user provides his Okta credentials (username, password), my login page sends a POST request to the server. On my server there is a middleware which takes both credentials and checks whether the user is the right user. If so, it allows the user to use all the remaining routes. This case worked and I was using it this way for a while. But now I wanna do this another way. When a user logs into Okta using the company domain, Okta allows the user to log in. Then, when he clicks on the application I created and integrated with my project, I wanna check that the user is logged in using the company domain. I hope my question is clear. Can anyone help me?

Hello,

If I understand correctly, it sounds like you have an OIDC(?) application and would like to allow users of various Okta Orgs (tenants) to be able to log in?

If the above is correct you would want to submit your application to the Okta Integration Network (OIN).
Below is a link that details this process for OIDC applications. The OIN also allows SAML applications.

If the above is not what you are looking for, could you provide a little bit more detail?

Thank You,


Thank you for responding to me. I have reviewed the documentation, diving into my project using sign-in redirect. But now I found an error that blew my mind. Here is my code in app.js:
```javascript
// Check authentication using configuration
import { getConfig } from "./utils.js";

// Check authentication using configuration
const config = getConfig();
let newState;

const authClient = new OktaAuth({
  ...config,
});
let state, codeChallenge;

// console.log(authClient);

if (authClient.isLoginRedirect()) {
  // Parse token from redirect URL
  const queryParams = new URLSearchParams(window.location.search);
  const searchParams = new URLSearchParams(window.location.search);
  const code = searchParams.get("code");
  const transactionManagerData = JSON.parse(
    authClient.transactionManager.storageManager.getTransactionStorage()
      .storageProvider["okta-transaction-storage"]
  );
  codeChallenge = transactionManagerData.codeChallenge;

  const { codeVerifier } = transactionManagerData;
  state = transactionManagerData.state;
  console.log({ state });

  console.log("blah blah");
  parseAndExchangeToken(codeVerifier);

  // newState = queryParams.get("state");
} else {
  // Perform authorization request
  authClient.token.getWithRedirect({
    responseType: ["id_token"],
  });
}
// }

// Parse token from URL and exchange it for tokens
async function parseAndExchangeToken(codeVerifier) {
  console.log(authClient);
  if (!state) {
    return false;
  }

  try {
    console.log("lllllllllllllllll");
    const tokens = await authClient.token.parseFromUrl();
    alert(codeVerifier);
    const response = await authClient.token.exchangeCodeForTokens({
      interactionCode: tokens.interactionCode,
      state,
      codeChallenge,
    });
    console.log(response);

    // Tokens have been exchanged successfully
    // ...

  } catch (error) {
    // Handle token parsing or exchange error
    console.error(error);
  }
}
```
I got the error OAuthError: Browser requests to the token endpoint must use Proof Key for Code Exchange. There is also an unauthorized error on this request:
XHRPOST
https://dev-[numericNUmber].okta.com/oauth2/default/v1/token
[HTTP/2 401 Unauthorized 2177ms]
Can you please help me?

What type of application did you make within Okta? Is it a Web App with a Client Secret set (which won’t work if you’re using AuthJS to make the /token request), or is it a SPA (which is the app type you should be using if making the /token request from the front-end) which does NOT have a Client Secret and will instead use PKCE?