Redirect to local app after IdP sign_in

bcurcio · October 24, 2019, 9:42pm

I have a SAML IdP configured in OKTA to authenticate against my PingOne application. I am using the OKTA widget and have a routing rule set up in OKTA to route emails from a specific domain to PingOne. Authentication works just fine.
-I receive the login page from my okta widget with just the email field.
-I am then routed over to PingOne to authenticate my user.
-I receive the SAML response back from PingOne
-My user is JIT’ed into OKTA as expected.
-After that I am redirected back to the okta home page (signed in as the user).

The final redirection back to OKTA’s home page is what I am having trouble with. I want to be redirected back to my local application with an access token or authorization code in the response (depending on what I ask for via responseType.

As a side note: I also have users that aren’t PingOne users. They are Okta authenticated users. I can log in with these users and get the proper redirection (back to my app). This, of course, isn’t using my Okta IdP configuration or the routing rule.

I feel like this is a simple config setting that I am missing but can’t seem to come up with the right one. Any help on this would be greatly appreciated.

thank you in advance

cheung · February 24, 2020, 3:55pm

Having a similar issue. @bcurcio were you able to find a solution?

bcurcio · February 24, 2020, 5:27pm

Cheung,
yes, I was. Add a request context to your widget okta config.

  features: {
    idpDiscovery: true,
  },
  idpDiscovery: {
    requestContext: '<URL to redirect back to my app>',
  },

sofather · February 9, 2022, 12:09pm

@bcurcio
I have the exact use case you have. in my case the cookies isn’t created at all. But the okta system log shows the user is authenticated successfully. and when I traced the saml flow it should be working too.

HsuanKai · October 19, 2022, 8:48pm

Hi Bcurcio,

Are you able to get token or code back as well? With your recommendation, I get redirect back to my app, but need to have code / token for next step.

Thanks

andrea · December 2, 2022, 6:20pm

That’s expected behavior and is noted in the Widget readme. Your application will need to trigger the /authorize request after the federated user is redirected back to it.

system · February 12, 2024, 10:27pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Okta sign-in widget does not complete sign-in after authentication with IDP Questions	4	5744	February 6, 2022
Add SAML to Authenticate to OIDC Application Questions	6	4834	February 20, 2022
Social login redirects to Okta dashboard instead of localhost Questions	10	6127	September 15, 2020
Redirect to okta login when user not sign in okta SAML java , saml	1	3737	February 12, 2024
Using SAML/OIDC IDP, unable to get session/token information SAML widget , saml	4	4871	February 12, 2024

Redirect to local app after IdP sign_in

Related topics