I have a requirement to perform OKTA login through the command line without opening the user’s Web Browser. Where the user can enter the username password and also perform MFA from the command-line itself.
Currently, we are using a SAML based application and to perform the above
• From the command line, we open a browser tab
• User performs authentication
• After successful authentication the tab closes and control gets back to the command line (With the help of a local webserver)
We want to remove the browser dependency totally from our flow.
Also explored the option of OpenIdConnect.
Out of the 4-5 ways mentioned only the ‘Resource Owner Password Flow’ authentication can be done totally from the command line. But this is not at all secure as the client secret needs to be present with the user performing authentication.
All the api endpoints exposed by Okta perform redirections on the Browser and cannot be used as an AJAX call.
Can you please let me know how to proceed with this