React: How can I set prompt=none to silently redirect the browser to the redirect URI to avoid the authentication pop-up

Hi,
I am using Okta with React for authentication.
And my login works fine.
As I am already logged in to the browser, if I open a different tab then the user should be auto logged in, as I am already authenticated.
For this I found that I can use prompt=none in my redirect URI. How can I set this parameter? I am using oktaSignInWidget.

Thanks,
Priyanka

This should work in your use case as well.

Hi Priyanka,

When you open a new tab, that application could do a token.getWithoutPrompt(options) using the okta-auth-js SDK.


@ajm @erik ,

In order to implement a single session per user across the browser, I am planning to do the following things:

  1. The idea is to redirect from http://localhost:300 (the root URL) to https://xxxx/oauth2/default/v1/authorize?response_type=code&prompt=none&client_id=xxxxx&scope=…&nonce=…&state=…&redirect_uri=http://localhost:3000/login/callback (insert scope, nonce and state parameters as required)
  2. Okta will then check for a valid session and redirect the user back to /login/callback
  3. If the user has a valid session, the response will be an authorization code and the session can continue
  4. If the user does NOT have a valid session, Okta will send an error and /login/callback should instead redirect to /login to show the login prompt.

Any lead on implementing the above steps would be really helpful. Could you help?
I am using Okta with React.

I found the sample code below in the Okta Auth JS SDK. I need to provide sessionToken, state, nonce and idp; where can I find all these details for my application?

```javascript
authClient.token.getWithoutPrompt({
  sessionToken: '00p8RhRDCh_8NxIin-wtF5M6ofFtRhfKWGBAbd2WmE',
  scopes: [
    'openid',
    'email',
    'profile'
  ],
  state: '8rFxxxH5q',
  nonce: 'xxxTswrm',
  // Use a custom IdP for social authentication
  idp: 'xxxxxc8PaGpU0h7'
})
  .then(function(res) {
    var tokens = res.tokens;

    // Do something with tokens, such as
    authClient.tokenManager.setTokens(tokens);
  })
  .catch(function(err) {
    // handle OAuthError or AuthSdkError
  });
```
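Added example, not part of the thread and not Okta's code: a sketch of the four redirect steps listed in the post above, showing how `/login/callback` can verify `state` before deciding between "continue with the code" and "show the login page". The function names `randomToken`, `buildSilentAuthorizeUrl` and `handleCallback` are hypothetical, the issuer and client id are placeholders supplied by the caller, and exchanging the code for tokens is not shown.

```javascript
// Added example; function names are hypothetical, issuer/client values are placeholders.

// Unpredictable value for state and nonce (Web Crypto, as available in browsers).
function randomToken() {
  const bytes = new Uint8Array(16);
  globalThis.crypto.getRandomValues(bytes);
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Step 1: authorize URL that asks for a code without showing any UI.
function buildSilentAuthorizeUrl({ issuer, clientId, redirectUri, state, nonce }) {
  const url = new URL(`${issuer}/v1/authorize`);
  url.search = new URLSearchParams({
    response_type: 'code',
    prompt: 'none',
    client_id: clientId,
    scope: 'openid profile email', // same scopes as the SDK sample in the post
    redirect_uri: redirectUri,
    state, // store this (e.g. sessionStorage) before redirecting
    nonce,
  }).toString();
  return url.toString();
}

// OIDC error codes meaning prompt=none could not be satisfied silently.
const NEEDS_INTERACTION = new Set([
  'login_required', 'interaction_required',
  'consent_required', 'account_selection_required',
]);

// Steps 2-4: decide what /login/callback does with the response.
function handleCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  // A response whose state does not match the stored one was not started by this tab.
  if (!expectedState || params.get('state') !== expectedState) {
    return { action: 'reject', reason: 'state_mismatch' };
  }
  const error = params.get('error');
  if (error) {
    return NEEDS_INTERACTION.has(error)
      ? { action: 'show_login', reason: error } // step 4: redirect to /login
      : { action: 'reject', reason: error };
  }
  const code = params.get('code');
  return code
    ? { action: 'exchange_code', code } // step 3: session exists, continue
    : { action: 'reject', reason: 'missing_code' };
}
```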