hi, im trying to authenticate my users using an enpoint:
{{url}}/api/v1/authn setting up username and password,
but this this i only get session_token,
how can i have the access_token only using endpoint without any redirection,
im trying to create validate my endpoints using okta users but without having any UI view, just only endponts,
how can i work on this, im using node js express.
Thank You in advance!
Hello,
The /authn API is only for authentication against an Okta Org, this endpoint does not mint tokens.
In order to get an access token you will need to use the session_token an make an /authorize call. Note usually this call happens through a browser user-agent. None of the Okta SDKs support making this call without a browser agent except for the mobile SDKs.
Below is a sample of doing the entire flow from a Node CLI application, but is for demonstration purposes and not a supported flow.
Hi erik, thank you for this answer. So can you help me understand how I would set up the following?
I have a third party consumer that wants to use my APIs, which I want to require authentication using Okta. Do I need to onboard their Application in my Okta tenant using the Admin portal w/ client id/ secret so that their application can make the /authorize calls to log in as a user from the Okta tenant?
I am confused because I wanted to create an API that did this on behalf of them (so that they would not need to know about my Okta url). But it sounds like this is not the correct path forward.
Thank you!