I have an application in Okta setup as web app with autorization code flow. Our stack is python backend and frontend react. I’m using sign in widget on the frontend.
If I’m disabling the idp discovery, frontend is getting the code as it should. When idp is enabled, all I get is either ?fromLogin=true
or ?iss=<issuer>
.
I have followed a number of related articles and answers here on this forum, but none work. Tried using target embed url (/home/oidc_client/...
), tried using frontend url and backend url. Tried configuring backend as redirect url, but none are getting the code as they should.
I followed this example on how to setup the frontend: Sign in to your SPA with the embedded Okta Sign-In Widget | Okta Developer
And this example on how to setup the backend: samples-python-flask/custom-login at master · okta/samples-python-flask · GitHub
Is there a working example of authentication code flow with backend in python + frontend in react?
Okta sign in widget configs:
{
baseUrl: `https://${process.env.REACT_APP_OKTA_DOMAIN}`,
clientId: process.env.REACT_APP_OKTA_CLIENT_ID,
display: "page",
redirectUri: "http://localhost:6060",
authParams: {
issuer: `https://${process.env.REACT_APP_OKTA_DOMAIN}/oauth2/default`,
responseType: "code",
scopes: ["openid", "email", "offline_access"],
},
features: {
idpDiscovery: true,
autoPush: true,
},
idpDiscovery: {
requestContext: `/home/oidc_client/...`,
},
// Additional documentation on config options can be found at https://github.com/okta/okta-signin-widget#basic-config-options
};
I think my basic issue here is the sign in widget. If I don’t use it and instead call directly to okta-auth-js
→ token.getWithRedirect(...)
, I get the code on the frontend as expected.