Using sessionToken how can get access_token and id_token


Hi i’m new to okta and i’m trying to integrate it with my webportal to okta using the custom login.

I have login page will get username and password to send to okta using primary authentication api( {{url}}/api/v1/authn). the api got response user details with sessionToken.

so using this sessionToken how can get other access_token and id_token?
can you provide the api list ?


You want to use the OAuth 2.0 authorize route, specifying the sessionToken parameter:

Let me know if you have any questions about this!


Hi Tom

Thank you for your replay.

  1. making api call for {{url}}/api/v1/authn – post method with user details
    res: got sessionToken
  2. Api call – token&scope=openid&prompt=none&response_mode=form_post&

is it will return the callback url to response or how to handle it


Take a look at this thread to know how to get the access_token from session token.
It also has sample code in javascript & .net -


i am using the OKTA widget for authentication.
When signin callback url will get code and state and internally setting the cookies value and python callback url is getting the cookies value, working fine my linux ubuntiu machine.

When i will same code will executing to mac machine not working, the cookies values setting the callback URL okta response but not able to get in same value in python code.
what is the issue?
any browser setting need to change?


@bala Can you post the code that is doing the login and setting the cookie? I’m not sure why Python would see a cookie on Linux but not on Mac.

Safari has some restrictions on third-party cookies, but it sounds to me like you are setting a first-party cookie. If you post your code we can take a look.


Hi nate.barbettini,

Thank you for your quick response.

i have used this github code,

OktaAuth.min.js and okta-sign-in.min.js these file only setting the cookies in client browser.

  1. When my application is deployed in linux machine then client application on linux or MAC working fine.
  2. The issue is observer while application deployed in MAC platform.


Hmm, that is not an issue I’ve seen before. Do you mean that the server is running on a Mac, or you are accessing the application on a Mac? If the latter, which browser are you using?

In order to debug this, can you provide a set of steps that always reproduce the issue?