Sorry to say I have hit another snag that I could use some guidance with if possible!
I have two identical apps running, when I login to App A a session cookie is stored along with an id & access token. When I then navigate to App B the session cookie is present and, using okta-signin-widget, I can see that I have an okta session when calling session.get().
However the id and access tokens are not present so I am then using okta-auth-js to make a call to token.getWithoutPrompt to retrieve my tokens and add them to the token manager.
This all works perfectly and both apps are in the state that I would like to see them in for SSO.
When I hit logout on either of the apps I clear the tokenManager and logout of my okta session. This works perfectly for the app I am currently in.
The issue I have hit comes when I then navigate to the other app. If there is no okta session then the app clears the tokenManager and forces the user to login again. However I then get an error in the console…
error.errorCode: login_required, error.description: The client specified not to prompt, but the user is not logged in.
ERROR Error: Uncaught (in promise): OAuthError: The client specified not to prompt, but the user is not logged in.
I’ve added some console.logging to my code to ensure that it doesnt hit the getWithoutPrompt call that I have. I’m guessing this comes from within the login widget somewhere?
- Login to AppA with implicit flow redirecting to /implicit/callback
- Tokens in local storage along with cookie for state and nonce
- Navigate to AppB
- AppB identifies that there is an Okta session and uses okta-auth-js to call getWithoutPrompt to retrieve id and access tokens to store using TokenManager
- Logout of AppB - clears tokenManager and closes OktaSession
- Navigate back to AppA which clears the tokenManager and redirects to login page
It is at Step 6 that I receive the OAuthError. The apps both behave as expected but I don’t want any errors displayed in the browser. okta-sign-in.min.js:14 is the line I get the error from