Retrieve id_token from sessionToken


I am using the com.okta.authn.sdk.client to authenticate a user. This gives me a sessionToken in the response.
From this sessionToken I would like to retrieve an id_token (jwt) from the authorization server.
Is it possible to retrieve the id_token via an api call or utlilizing any sdk from the backend?

The only way I found that I can get the id_token is to enter the following URL into a browser which contains the sessionToken as a parameter:



Any thoughts how this could work from the backend without any redirects going on?

You can retrieve an id_token by passing the sessionToken in the /authorize request so that the user is not prompted to authenticate.

Since you are using a backend, you might want to use the authorization code flow instead since you might not able to parse the id_token from the fragment (#). With the authorization code flow, you will get an authorization code as a query parameter. Your backend can then parse it and make a /token request to retrieve tokens.