Greetings!
I have 2 questions - one design related and the other is on implementation.
We have a requirement to support SSO from multiple external partners - and one way I am planning to implement is by creating separate application clients and external IDPs in Okta for each. Then, when a user tries to access our services (we will know where they are visiting from), we will invoke Okta API to authorize for the client ID for that partner. With rules set that link that client ID to the external IDP, the user will then be redirected to the external IDP for authentication.
We are using Spring Boot with the Okta library.
Questions:
- Is this the right way to approach this problem?
- Assuming it is, I am now finding it difficult to support multiple client IDs in the application setup. The Okta specific configuration (“okta.oauth2…”) supports only a single clientId it seems. I could use a purely Spring OAuth2 integration which seems to support multiple clientIDs (under registration and provider). Is that the suggested way to implement this?
Thanks a lot!
Regards,
Arnab.