I have currently implemented the SSO login via Javascript and is working as expected - “res.session.setCookieAndRedirect(redirectUrl);”
The issue is that this method of authentication only works when javascript is enabled on the browser, I am looking for a solution where JS is not needed for the SSO authentication.
I have looked at authenticating on server side (PHP) instead using “Primary Authentication” to retrieve the sessionToken then using “Set Session with Token Redirect” - https://developer.okta.com/use_cases/authentication/session_cookie#retrieving-a-session-cookie-by-visiting-a-session-redirect-link
Would this method carry out a redirect onto the Okta site via Javascript then redirect back to create the sessionCookie?
Also I am trying to CURL a GET response on “/login/sessionCookieRedirect” I am unable to get it working.
curl -X GET \
https://dev-xxxxxx.oktapreview.com/login/sessionCookieRedirect\?token\=20111eVeGjI80z77wxxyqGDgoUcvqIXDxQ6C5lVctwPmlA7Z3K_GqL\&redirectUrl\=http%3A%2F%2Fdocker.localhost%2Fsaml_login
What format is the response sent back from Okta API?
Thanks,
Joz