Reputation: 1349
Okta Secure Web Authentication Session Id
I am trying to use the my app to work with the SWA login method. I created the app and it redirects fine. Looking through the browser console I see okta has set a session id cookie. I know I can not access that cookie so how do I get the session id. This is needed to validate the user is logged in.
I have a link to a doc below. What does "then applies that information to the page" mean. How can I get that appied information?
From this doc https://support.okta.com/help/articles/Knowledge_Article/27598176-About-the-Browser-Plugin#AboutThePlugin
"After You Have Installed the Plugin When you start an app from your Okta Home page, a new browser tab opens to the app's URL. The plugin uses an encrypted SSL connection to obtain authentication information and other required information from Okta, and then applies that information to the page. The plugin does not store your credentials after authentication is complete."
Upvotes: 0
Views: 2051
Answers (2)
Reputation: 121
Small clarification to previous post.
Instead
If you want a custom login form (in case the user hits your page before going to Okta), use the Sign-In Widget. If you want to just redirect to Okta to login, use the Auth SDK.
Should be vice versa:
If you want a custom login form (in case the user hits your page before going to Okta), use the Auth SDK If you want to just redirect to Okta to login, use the Sign-In Widget.
Because Sign-In Widget is built on top of Auth SDK So if you need basic login functionality you can use widget, but if you need some custom flow with difficult logic you should use okta sdk
Upvotes: 1
Reputation: 205
I wrote a response to your earlier question here. It looks like you do have the plugin installed, so there are a couple reasons the plugin might not be injecting credentials:
The origin does not match - i.e. your app login page is on a different origin than the url you entered when creating the app in okta.
The plugin cannot recognize that the page is a login form. To confirm - you are redirecting to a login page, right?
Actually, now that I'm thinking about it - are you actually managing creds, or do you want Okta to just handle the login for your users (use Okta as the IDP)?
If you want to use Okta as the IDP, there's a much better way to go about this:
If you want a custom login form (in case the user hits your page before going to Okta), use the Sign-In Widget.
If you want to just redirect to Okta to login, use the Auth SDK.
Both options make use of and expose the /sessions/me API to check if there is an existing Okta session.
Upvotes: 0
Related Questions
- OKTA Sign-In Widget MFA
- Okta API - authn always returns Invalid Session
- Single Sign On with Okta session
- Okta: How to retrieve Access Token via SessionToken (JavaScript)
- OKTA token for API access
- authenticate to SharePoint through OKTA from back-end service
- OKTA Session Id Retrieval
- Okta sso for native app accessing web services
- Okta SignIn Widget with SAML
- Invalid session when trying to create a session in OKTA