Our React SPA uses Okta Auth JS and React SDK to authenticate using the OpenID Connect protocol. We have a new requirement to allow IdP-initiated SSO using the SAML protocol. I have a few doubts in this regard for which I did not get any help from the documentation:
Can we keep the existing flow using OpenID Connect and add the IdP-initiated SSO flow on top of it? To elaborate, if any of the existing users log in to their Okta instance, they should see our application listed and get authenticated when they click on the application, while keeping our existing login flow, which follows the OpenID Connect protocol. Is this possible?
Do we have to completely move away from the OpenID Connect protocol in order to implement the SAML protocol (SP- or IdP-initiated flow)?
I think you could do that. I already tried that, and my current problem for now is that I'm not able to authenticate users on my SPA application, even though the SAML2 flow authentication was successfully applied between the SP and the IdP (both are Okta orgs), because I'm relying on the Okta cookies and they fail to be created.
More details are here