Using Okta to authenticate access to integrations within an app (React)

Questions
#1

I am new to Okta and still working my way through this, so forgive me if this is a simple question.

I am using Okta to manage users inside an app I am working on in React. However within this app I want users to be able to connect 3rd party integrations such as gmail, docusign, etc.

First off, is this something that Okta is recommended to be used for? I do not want the user to have to use the Okta authentication plugin or anything like that, I just want the verification to be done using Okta so I do not have to build it out on my own.

And if going this route is the correct process to create an application in Okta for each possible integration? Users may have a different email address or user id than they use inside my application so I want this to be as open ended as possible.

#2

Is the goal to create a sort of portal application that the users could use to launch various different applications? How do you envision having these users login/authenticate with Okta?

In order to use applications they are assigned in Okta, they will need to complete primary authentication (e.g., username/password), but you could of course handle this with your own UI that calls Okta’s authn endpoint instead of using our Widget or SDKs.

If you go ahead and set up these integrations in Okta, if the User logs into Okta (creating an Okta session cookie in the browser), they will be able to launch these applications without needing to re-authenticate (ymmv if you are looking to prompt for MFA for certain, secure applications). If you do go this route, you can use the App Embed Links that are generated for these integrations to launch them from your application.

#3

The goal is to create an application that integrates with others that require authentication.

It is a sales application, so for example the user would register in my application. Now if they create a contract and want to use docusign (they may or may not, and if they do they have their own docusign account nothing that we provide) - then while inside my application they would click “link your docusign account” which after authentication would be able to use the docusign API.

Or maybe they have a CRM they use and want to sync contacts and then edit them from inside my app etc and that CRM requires authentication and refresh tokens etc.