Using SSO for OIDC Application

I have an Okta client that wants to allow their users to SSO into their apps via the user’s dashboard. I set up two SAML apps and got that working fine. I have a demo OIDC app (Web). When the user clicks the application’s chicklet on their app dashboard, I want Okta to send user information to the /authorization-code/callback endpoint so I can log them into the app via API calls. I see guidance on the web that says this is possible, but no clear steps on how to make it happen. At this point, all that Okta is sending to that endpoint is the issuer URL.

  1. Is what I am asking for possible?
  2. Can someone point me to instructions to make it happen?

It’s possible for sure, but you have to configure your OIDC app special way

  • this is the first way, where the URL is a special one, which will initiate OIDC /authorize call back to Okta
  • this is the second one, where Okta would send token directly to your callback URL (you can choose your scopes)