Re-use session token for getting Multiple saml assertions


We have a cli tool for authentication into apps. We first authenticate, get a token and use the token to get the saml assertion. For the first application the assertion is successfully retrieved, but for the 2nd not. I believe that this is the case, because the session token can only be used once. Is there a way to get saml assertions from multiple apps without having to authenticate for each of them using api?

It should work in a browser-based scenario but since you mentioned it’s a cli tool, then I assume there is no session cookie and therefore you must provide a new session token each time.

When the link is visited, the token in the request is used to initiate the user’s session before processing the SAML SSO request. A session cookie is set in the browser and the user has an active session with Okta and can SSO into additional apps until the session expires or the user closes the session (sign out) or browser app.
Work with Okta session cookies | Okta Developer

1 Like