My setup is a self hosted Okta SignIn Widget in a React SPA. I’ve setup the widget so that it uses
showSignInAndRedirect when I’m using my page to login to another service via redirect. I’m logging via my application through an Okta OIDC Application.
This is working at the moment if I’m not authenticated to my application in the first place. However, if I’m already authenticated to my application and already have an existing session on Okta, it won’t use the account I’m logging with on the login page, but the existing session on Okta’s side.
What am I missing? I see a redirection to the
/authorize endpoint with a
sessionToken which I assume I get from the authentication flow, however I don’t understand why it still uses the existing session instead of the new one.