We have an scenario where we need to go through this middleware to check if the okta session is alive then extend it (at the authentication server level).
If I understood the documentation properly we need a session token to get a session cookie that would allow us to consume this endpoints, but I can’t find a way to get the session token in the first place.
Thanks a lot in advance!
When you login to Okta, a session cookie is set in the browser. You can test this by logging into your Okta org and then pasting https://${yourOktaDomain}/api/v1/sessions/me in the address bar.
{“errorCode”:“E0000022”,“errorSummary”:“The endpoint does not support the provided HTTP method”,“errorLink”:“E0000022”,“errorId”:“oaeetCrG8IgSBKyBHQcw4whTQ”,"errorCauses
Nevermind, checking the session status is also extending it so there’s no need to call the refresh endpoint. Now my question is: Is there any way to check if the session is alive without extending it?
You can do an initial request on /api/v1/sessions/me when the user authenticates or leverage the session management under Admin >> Security >> Authentication >> Sign On >> policy under which the user falls under >> rule under which the user falls under. If you are using the Developer Console interface, you can switch to Classic UI by hovering over the text on top left corner inside the administrative console.