Hi all,
Is there any possibility to send an email with an OTP code for login purposes via the API? The scenario I want to achieve is:
User provides email in my app
The email with OTP code is sent to the user (I would like to trigger it via OKTA API if possible)
User is redirected to Okta widget with pre-populated OTP code and can log in
Another scenario which would work for me is that I implement the OTP logic on my own so that I can confirm that the user exists in our system, and after that I would like to log in the user automatically in OKTA from the backend, but I’m not sure if it’s possible.
It would be great if you could answer whether something like this is possible in OKTA; if so, please let me know where I can find the steps to achieve it.
Taking these backwards: you can’t really log in the user from the backend because they have to go through authentication at Okta in order to get a session at Okta. I can’t think of any way to make that work, but someone else may know something I don’t.
For your first question, you can start to get close with email magic links: Email Magic Links overview | Okta Developer. But it won’t do exactly what you want; the idea is the user lands on the authentication page, puts in their email, and clicks the link to send the OTP through email. They have to be registered as a user first.
Now you may be able to get closer with the interaction code flow and feed it an email address the user has given your application. But there are a lot of issues trying to use idx yourself, not the least of which is you will lose SSO unless you start jumping through even more hoops. If you go look at the SDKs you can find the documentation for idx. I have not tried to do this, I’m just leveraging what I know about idx.