Hi to all im new in okta, i have two webapps (app A and App B) with okta widget. how can i redirect from app A after login to app B without make login in app B?
If both of these applications are OIDC applications, once the user is logging into App A (and, in doing so, have a session created for them in Okta), you can have link that makes an authorize call using App B’s client_id.
Since the Okta session already exists for the user in the browser they are using, the second authorize call will automatically (ignoring potential MFA policies that may exist) redirect the user to the redirect_uri for App B.
tks Andrea, although the application a and b are in different domains? or do i need a sso?
Depending on the OAuth flow you are using, you probably don’t want to initialize the authorize call for the second application from the first application, particularly if you are using or plan to use PKCE flow, but you can still redirect users from App A after they log into App B, and then from App B make the authorize request.
As long as the Okta session exists (session cookie on the Okta domain), the second authorize request will work without prompting the user to log in again, even if your applications are on separate domains (since they both need to interact with the Okta domain to check for the Okta session).