Reputation: 1
Full disclosure, I'm not an expert in OKTA, IDP technologies, or Salesforce API security configuration.
I'm working with a client that wants to secure Salesforce APIs via OKTA. They are currently using OKTA for SSO for their user access, but the ask now is to authorize API access using OKTA. We use MuleSoft to integrate with Salesforce and the client is asking us to request an access token from OKTA to submit to Salesforce to access the APIs via OAuth2 or OpenID. We are currently doing this against Salesforce (OAuth2) as IDP, but the ask is to use OKTA as the IDP for API authorization.
[Image: Requested flow]
We have tried to follow this guide to implement this functionality, but it doesn't work for us. It seems like this is creating a configuration for the other direction (i.e., Salesforce -> MuleSoft APIs).
Does anyone know if what we're seeking is possible? I'm unable to find any other guides and we've heard from some Salesforce architects (unrelated projects) that this is not possible.
Upvotes: 0
Views: 217
Reputation: 1
I have done something similar. You can get the access token from Okta and use the Salesforce token exchange handler OAuth2 flow to exchange the Okta token for a Salesforce token and then access the resources. Refer to my video below: https://youtu.be/1nbIScI2E74
Upvotes: -1
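The two-step flow the answer describes, sketched as an added example (not code from either poster or from Okta/Salesforce): it builds the Okta client-credentials request, runs a local issuer/audience/expiry pre-check on the returned token, and builds the RFC 8693 token-exchange request for Salesforce. The hostnames, client IDs, the `api://salesforce` audience and the helper names are assumptions, as is a Salesforce org with token exchange enabled and a handler configured.

```python
import base64
import json
import time
from urllib.parse import urlencode

TOKEN_EXCHANGE = "urn:ietf:params:oauth:grant-type:token-exchange"   # RFC 8693
ACCESS_TOKEN = "urn:ietf:params:oauth:token-type:access_token"       # RFC 8693

def okta_token_request(okta_issuer, client_id, client_secret, scope):
    """Step 1: client-credentials request to the Okta authorization server."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "client_credentials", "scope": scope})
    return f"{okta_issuer}/v1/token", headers, body

def preflight(jwt, expected_iss, expected_aud, now=None):
    """Return the claims that fail a local check. The signature is NOT verified
    here; the Salesforce-side handler must still validate it against Okta's keys."""
    payload = jwt.split(".")[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    now = time.time() if now is None else now
    aud = claims.get("aud")
    checks = {"iss": claims.get("iss") == expected_iss,
              "aud": expected_aud in (aud if isinstance(aud, list) else [aud]),
              "exp": claims.get("exp", 0) > now}
    return [name for name, ok in checks.items() if not ok]

def salesforce_exchange_request(sf_base, okta_token, sf_client_id, sf_client_secret):
    """Step 2: exchange the Okta token at the Salesforce token endpoint."""
    body = urlencode({"grant_type": TOKEN_EXCHANGE,
                      "subject_token": okta_token,
                      "subject_token_type": ACCESS_TOKEN,
                      "client_id": sf_client_id,
                      "client_secret": sf_client_secret})
    return f"{sf_base}/services/oauth2/token", body

def sample_jwt(claims):
    """Constructed, unsigned token standing in for a real Okta access token."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    iss = "https://example.okta.com/oauth2/default"  # placeholder issuer
    tok = sample_jwt({"iss": iss, "aud": "api://salesforce", "exp": 2000})
    print(preflight(tok, iss, "api://salesforce", now=1000))
    print(salesforce_exchange_request("https://example.my.salesforce.com", tok, "ID", "SECRET")[0])
```

The pre-check only catches misrouted or stale tokens before the exchange call; trust in the token comes from signature validation on the Salesforce side.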