I’m trying to develop a custom single-sign-on page that allows us to redirect a customer to different systems.
Right now I have an SPA with an embedded sign-in widget that works and logs the user in. This SPA is hosted on
Then I have a legacy codebase that we are migrating to use Okta. Right now this application runs on port 3000 and can read the tokens left by the SPA without issues. What I’m trying to do is, when the user accesses the website without being logged in, to redirect him to the SPA (port 8080) with URL parameters that point to where the user comes from, display the sign-in widget, and redirect him to where he comes from using the URL parameters.
To illustrate a “correct flow”, things should go something like this (I’ve removed
/ for a clearer look):
localhost:3000 -> localhost:8080?source=localhost:3000 -> localhost:3000
This is all working right up until the user has to be redirected. Looking through the network tab in Chrome DevTools, the interact request sends the correct redirect_uri that points to http://localhost:3000/, that is, the legacy application, but once logged in the user stays on localhost:8080 without any error being thrown.
I’ve already added the redirect_uri to the app’s sign-in redirect URIs and to trusted origins with CORS and redirect flags enabled.
Thanks for any help you can provide
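
The return step in the flow above sends the browser to whatever the `source` query parameter names, so the SPA should resolve that value against a fixed list of origins before navigating. The following is an added example, not part of the original post and not Okta code; the allowlist, the fallback URL and both function names are assumptions.

```javascript
// Added example. ALLOWED_RETURN_ORIGINS, FALLBACK_URL and both function
// names are assumptions, not Okta APIs or code from the post.
const ALLOWED_RETURN_ORIGINS = new Set(["http://localhost:3000"]);
const FALLBACK_URL = "http://localhost:8080/";

// Returns a normalized absolute URL when `source` is safe to follow, else null.
function resolveReturnTarget(search, allowed = ALLOWED_RETURN_ORIGINS) {
  const raw = new URLSearchParams(search).get("source");
  if (!raw) return null;

  let url;
  try {
    // No base URL on purpose: relative and protocol-relative values throw.
    url = new URL(raw);
  } catch {
    return null;
  }

  // "localhost:3000" without a scheme parses as scheme "localhost:", so the
  // scheme check must come before any origin comparison.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // Reject userinfo such as http://localhost:3000@other.example/.
  if (url.username || url.password) return null;
  // Compare the parsed origin exactly; never use startsWith/includes on the raw string.
  if (!allowed.has(url.origin)) return null;
  return url.href;
}

// Call from the SPA's post-sign-in handler; `navigate` is injected so the
// logic can be exercised outside a browser (in the page: u => location.assign(u)).
function redirectAfterLogin(search, navigate) {
  const target = resolveReturnTarget(search) ?? FALLBACK_URL;
  navigate(target);
  return target;
}
```

A `source` value that fails any check falls back to the SPA's own page instead of being followed.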