My setup is a VueJs app using the okta vuejs sdk. I am using OIDC with implicit flow to get an id token.
I am using version 3.1.0 of the okta-vue sdk.
After a user successfully authenticates on the okta login screen, the automatic redirect to the route
/login/callback only contains part of the id_token. When I decode the token, I can see that it has been truncated. The callback uri (plus the fragment) is always 8182 bytes long.
I’ve took a look at this and it appears to be my issue:
Unfortunately the suggested work around seems to require sending the response as a post which I don’t believe will work in the UI.
I did change the responseMode to ‘form_post’, which fails, but when I examine the post payload it contains id_token in its untruncated form.
Has anybody else encountered this or have other ideas for how to solve it?