The only difference is in onSuccess on the login page I added a console.log to do some debugging. It never gets fired, which leads me to believe the issue is in the widget.
It was previously working even without HTTPS, but now the sign-in just hangs - I am not sure why. I see a POST to https://.okta.com/api/v1/authn that succeeds and responds with a sessionToken. The Sign-in widget promise never hits onSuccess or onError.
Do you not do anything after showSignInToGetTokens succeeds? You’ll need to make sure you store the tokens AND hide the widget, as this method was designed for SPAs that do not want to redirect away to another route.
Can you try modelling your widget code like our sample below:
el: '#sign-in-widget',
scopes: sampleConfig.oidc.scopes
}).then((tokens: Tokens) => {
// Remove the widget
this.signIn.remove();
// In this flow the redirect to Okta occurs in a hidden iframe
this.oktaAuth.handleLoginRedirect(tokens);
}).catch((err: any) => {
// Typically due to misconfiguration
throw err;
});
That code is for angular, but our OktaSignInWidget.jsx is already an exact copy of the React version of the linked sample.
The weird part about this is the sign-in stopped working without any code changes. I’ve checked a few times to make sure our code is 100% lined up with the samples and it is, so I really can’t figure out what is going wrong.
@umeshvenkat As you might be experiencing a different issues from the original poster, please open another thread or, if you have a paid account, a support case to get assistance.