So I’m working on a webapp/SaaS and we handle our own Auth, Users, Roles, Permissions, etc. We use google as an SSO option, and I was wondering how I could implement okta as another option.
I set up the sample app with 2 users and scoped their access. But really what I want is a way to verify the user and handle their roles/permissions/etc the same way I handle them normally. I just need the Token. I get the gist of how I can set up Okta but its not something that will be used internally, it will be used to verify other company users. Most examples I see relate to a company using okta themselves. I can see it working if I get the companies who use my services give me their client ID and client secret - but that also doesn’t seem like the right way to go about it.
Can anyone point me to some documentation? Is there a way for me to essentially allow other companies to connect to my okta org and allow users to login from an endpoint through my org?