Okta oidc question

sarcasticoder · July 16, 2024, 3:11pm

Thank you for the response, as the documentation says I need to manually handle the flow from the dashboard in such a way that when the dashboard app clicks navigate me to my application page from the page again I need to call and authorize API bak to okta? I’m I correct or missing something? When I click on my dashboard OKTA app icon I am redirected to my web app but my URL is getting appended

with ‘?iss={my okta url}’. why is that happening??

andrea · July 16, 2024, 10:05pm

This is expected behavior and how Third Party-Initiated logins are meant to behave as per the OpenID Connect spec: Final: OpenID Connect Core 1.0 incorporating errata set 2

In short, Okta will only redirect to the Initiate Login URI (configured for the application in Okta), passing along an iss param indicating the domain from which they came, and then your application must initiate the login flow itself (e.g. make an /authorize request).

This is also discussed in the following article: Develop a Custom OpenID Connect Application that Can Support SSO when Launched from the Okta Dashboard | Okta Help Center

sarcasticoder · July 17, 2024, 5:29am

@andrea thank you for your response, But can you please help me how can I handle multiple client details on my react web app what is the best way to do it?

andrea · July 17, 2024, 3:12pm

What do you mean, multiple client details? Are you trying to support multi-tenancy, so multiple Okta orgs (or at the very least, multiple OIDC client instances) can use the same React app?

sarcasticoder · July 17, 2024, 5:48pm

So the problem is I have an application and my client wants to integrate his okta OIDC app for login into my application so that he can have control of the data visual in the application, who can sign in, and who can not based on access to the OIDC app from his side. Suppose the same thing another client asks me i need to have the OIDc app details somewhere stored on my side. SO for this case i want to know the best way to handle

andrea · July 29, 2024, 6:42pm

Once you get tokens from Okta, you will have information about who this user is (for example, their preferred_username), what application instance they are using (the cid claim will contain the Client ID for the app within Okta), and the Okta domain (the iss claim). You could use this information on user side, for instance, to link and existing user with their associated Okta user.

system · August 28, 2024, 6:42pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Post		Replies	Views
OIDC login flow from okta dashboard OAuth/OIDC	3	379	July 11, 2024
OKTA app creation OAuth/OIDC	3	37	August 22, 2024
OIDC iss parameter in URL OAuth/OIDC oauth	4	6376	January 31, 2024
SSO for Portal Application - OIDC app SSO using custom login and dashboard pages OAuth/OIDC api , java , widget	3	4043	November 18, 2020
OIDC id token claim to identify tenant OAuth/OIDC	3	1210	May 12, 2024

Okta oidc question

Related Topics