0

I am trying to use the my app to work with the SWA login method. I created the app and it redirects fine. Looking through the browser console I see okta has set a session id cookie. I know I can not access that cookie so how do I get the session id. This is needed to validate the user is logged in.

I have a link to a doc below. What does "then applies that information to the page" mean. How can I get that appied information?

From this doc https://support.okta.com/help/articles/Knowledge_Article/27598176-About-the-Browser-Plugin#AboutThePlugin

"After You Have Installed the Plugin When you start an app from your Okta Home page, a new browser tab opens to the app's URL. The plugin uses an encrypted SSL connection to obtain authentication information and other required information from Okta, and then applies that information to the page. The plugin does not store your credentials after authentication is complete."

Chris
  • 1,299
  • 3
  • 18
  • 34

2 Answers2

1

Small clarification to previous post.

Instead

If you want a custom login form (in case the user hits your page before going to Okta), use the Sign-In Widget. If you want to just redirect to Okta to login, use the Auth SDK.

Should be vice versa:

If you want a custom login form (in case the user hits your page before going to Okta), use the Auth SDK If you want to just redirect to Okta to login, use the Sign-In Widget.

Because Sign-In Widget is built on top of Auth SDK So if you need basic login functionality you can use widget, but if you need some custom flow with difficult logic you should use okta sdk

CREZi
  • 111
  • 1
  • 6
0

I wrote a response to your earlier question here. It looks like you do have the plugin installed, so there are a couple reasons the plugin might not be injecting credentials:

  1. The origin does not match - i.e. your app login page is on a different origin than the url you entered when creating the app in okta.

  2. The plugin cannot recognize that the page is a login form. To confirm - you are redirecting to a login page, right?

Actually, now that I'm thinking about it - are you actually managing creds, or do you want Okta to just handle the login for your users (use Okta as the IDP)?

If you want to use Okta as the IDP, there's a much better way to go about this:

  1. If you want a custom login form (in case the user hits your page before going to Okta), use the Sign-In Widget.

  2. If you want to just redirect to Okta to login, use the Auth SDK.

Both options make use of and expose the /sessions/me API to check if there is an existing Okta session.

Community
  • 1
  • 1
remanc
  • 205
  • 2
  • 10
  • Thanks, I think the session me solution would work. However I am not able to hit that api for some reason. I created a developer account to play around with before using are real okta instance. It is an oktapreview if that matters. I created a session via a session token and validated the id however, when I try to hit that api I get.{ "errorCode": "E0000007", "errorSummary": "Not found: Resource not found: me (Session)", "errorLink": "E0000007", "errorId": "oaeF_4DlNO5Sp6NHmsj1DnCmA", "errorCauses": [] } – Chris Oct 14 '16 at 20:43
  • Looks like a need to send the session cookie in the header. How can I retrieve that? – Chris Oct 14 '16 at 20:56
  • You'll need to redeem your sessionToken for a session. There are a couple ways to do it - if you want an id_token and have OIDC setup, use the authorize url; else use the sessionCookieRedirect url. More info is in [docs here](http://developer.okta.com/docs/api/resources/sessions.html#session-token). – remanc Oct 15 '16 at 16:46
  • @remanc, i have id_token in my response, so do i need to add id_token in header ? what should be my key for header ? i check document but could not get proper detail of it. – bharatpatel Jul 09 '18 at 06:33