BACKGROUND -
Using the below steps to initiate OTP, I get the email and when I submit the OTP, I get the tokens in the last step.
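// Assumes authClient is an already-configured OktaAuth instance.
import { AuthenticatorKey } from '@okta/okta-auth-js';

// Start the flow and select the email authenticator
await authClient.idx.authenticate({
  username: "user_email@xyz.com",
  authenticator: AuthenticatorKey.OKTA_EMAIL,
});
// Request the OTP by email
let transaction = await authClient.idx.proceed({
  methodType: 'email',
});
// Submit the OTP; the tokens come back on this transaction
transaction = await authClient.idx.proceed({
  verificationCode: "123456",
});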
Based on my discussion with Okta support, I got information that the authorization_code flow is not possible with IDX. Can someone else also confirm that?
QUESTION -
In the absence of that, I would like to call retrieve token on the backend side using the {{url}}/oauth2/v1/token endpoint, as mentioned in this topic - Retrieve Tokens from Interaction_Code.
But it is not clear how to initiate this redirection.
For our existing authn flow (with password login), we used the setCookieAndRedirect(sessionTokenAfterLogin, redirectURI) method, which would redirect to
${oktaTenant}/oauth2/default/v1/authorize?client_id={client_id}&scope=openid+email+profile+offline_access&state={state}&redirect_uri={internal_backend_callback_url}&code_challenge={code_challenge}&code_challenge_method=S256&response_type=code
with redirect_uri (to our backend) as a parameter.
The above 'authorize' call redirects to the internal callback with the "authorization_code". Passing this code to {{url}}/oauth2/v1/token gives back the accessToken / refreshToken.
FOLLOW-UP COMMENT-
The documentation here - Token Endpoint is not up to date (it doesn't have interaction_code).