Hey everyone!
I’m trying to develop a custom single sign-on page that allows us to redirect a customer to different systems.
Right now I have an SPA with an embedded sign-in widget that works and logs the user in. This SPA is hosted on localhost:8080.
Then I have a legacy codebase that we are migrating to use Okta. Right now this application runs on port 3000 and can read the tokens left by the SPA without issues. What I’m trying to do is, when the user accesses the website without being logged in, redirect him to the SPA (port 8080) with URL parameters that point to where the user comes from, display the sign-in widget, and redirect him back to where he comes from using the URL parameters.
To illustrate a “correct flow”, things should go something like this (I’ve removed http:// and / for a clearer look):
localhost:3000 -> localhost:8080?source=localhost:3000 -> localhost:3000
This is all working right up until the user has to be redirected. Looking through the network tab in Chrome DevTools, the interact request sends the correct redirect_uri that points to http://localhost:3000/, that is, the legacy application, but once logged in the user stays on localhost:8080 without any error being thrown.
I’ve already added the redirect_uri to the app’s sign-in redirect URIs and to trusted origins with the CORS and redirect flags enabled.
Thanks for any help you can provide
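The two hops of the flow sketched in the post (legacy app -> login SPA with a source parameter -> back to the legacy app), as an added example that is not part of the original post or of Okta’s code. The one thing a reviewer would insist on in this design is that the SPA never redirects to whatever `source` says: a login page that bounces to an arbitrary URL after a successful sign-in is an open redirect, so the return target is checked against an allowlist of origins first. The origins, the parameter name `source`, and the function names are assumptions chosen to match the post; the code is plain Node/browser JavaScript with no dependency on the sign-in widget, so it runs offline.

```javascript
// Added example, not code from the original post. Assumptions (mine, not the poster's):
// the login SPA lives on http://localhost:8080, the legacy app on http://localhost:3000 is
// the only other place users may be sent back to, and the page the user came from travels
// in a `source` query parameter as an absolute URL.

const LOGIN_ORIGIN = "http://localhost:8080";

// Origins allowed to appear in `source`. Anything else falls back to the login origin.
// Without this check the sign-in page is an open redirect: a link to the genuine login
// page with source=https://evil.example would land the user there after authenticating.
const ALLOWED_RETURN_ORIGINS = new Set([
  "http://localhost:3000",
  "http://localhost:8080",
]);

// Hop 1, run by the legacy app when it finds no session: build the login SPA URL and
// hand over the full URL the user was trying to reach.
function buildLoginUrl(currentUrl) {
  const login = new URL("/", LOGIN_ORIGIN);
  login.searchParams.set("source", currentUrl);
  return login.toString();
}

// Hop 2, run by the SPA once the widget has signed the user in: decide where to send them.
// Returns an absolute URL on an allowed origin, or `fallback` when `source` is missing,
// is not an absolute URL, or names another origin. Note that a scheme-less value such as
// "localhost:3000" parses as the opaque scheme "localhost:" with origin "null" and is
// therefore rejected too, which is why hop 1 sends the full URL.
function resolveReturnUrl(loginPageUrl, fallback = LOGIN_ORIGIN + "/") {
  const source = new URL(loginPageUrl).searchParams.get("source");
  if (!source) return fallback;

  let target;
  try {
    // Parsed without a base on purpose: a relative value like "/dashboard" must not be
    // silently resolved against the login origin, it is simply not accepted.
    target = new URL(source);
  } catch {
    return fallback;
  }
  if (!ALLOWED_RETURN_ORIGINS.has(target.origin)) return fallback;

  // Drop anything that should not survive the round trip. Embedded credentials are the
  // classic trick for "http://localhost:3000@evil.example/", which the origin check above
  // already rejects; clearing them here keeps the returned URL clean regardless.
  target.username = "";
  target.password = "";
  target.hash = "";
  return target.toString();
}

// Round trip for the flow in the post: localhost:3000 -> localhost:8080?source=... -> localhost:3000
const loginUrl = buildLoginUrl("http://localhost:3000/orders?id=7");
console.log(loginUrl);                   // the URL the legacy app redirects to
console.log(resolveReturnUrl(loginUrl)); // http://localhost:3000/orders?id=7
```

In the SPA, the single place that decides where the user goes after sign-in is then `window.location.assign(resolveReturnUrl(window.location.href))`, called from whatever completion handler the widget configuration uses; keeping that decision in one function makes the allowlist easy to audit and easy to extend when a third system joins the migration.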