Okta authentication for a mobile app?


We currently have a web app that staff at our company use to communicate with clients. Staff log into the app via Okta and SAML. Now we want to make a mobile version of that app, but that mobile app needs to do 3 things to let a staff member log in with it:

  1. Let the staff member complete the Okta login flow in the mobile app,
  2. Tell Okta to log into our server via SAML, and
  3. Get a session ID back to our mobile app so that it can keep doing its thing.

What is the best way for us to go about implementing Okta authentication/login for this mobile app?

Some more specifics about the stack:

  • The web app has a Python (Django) backend and Vue.js frontend. We’re using the pysaml2 library to do SAML logins with Okta as the identity provider.
  • The mobile version will talk to the same Python backend, but be written in Flutter.
  • Django authentication happens via standard Django sessions, which need a session ID cookie.