SSO with JWT Assertion


#1

Since more and more security products are moving to OAuth and JWT Tokens, can Okta support SSO with JWT assertion similar to SAML2 assettion.
Thanks


#2

Yes, we have JWT assertion libraries you can use. What language or framework are you using?


#3

HI mraible
We actually want Okta to consume the JWT assertion token and create a session or id token same as SAML assertion. I don’t see any configuration under Identity Provider section to configure SSO using JWT assertion.

We use java for development


#4

You can create an Authorization Server and OpenID Connect app to gain this functionality. I wrote about how to do this in a recent article on scotch.io. https://scotch.io/tutorials/build-a-secure-notes-application-with-kotlin-typescript-and-okta

You could also use our JWT Verifier library for Java. If you’re using Spring Security, the aforementioned article shows how to use the Okta Spring Boot Starter to do this.