okta

Okta sessions/me returning 404 when called from Javascript (Redux)

此生再无相见时 submitted on 2019-12-06 14:13:10
I am trying to get the current session Object from Okta using the sessions/me endpoint called from Javascript (Redux action), but I get a not found response, even when I have an active session. It's not CORS related, I enabled CORS for my domain. The best I can tell is a cookie related issue. When I call sessions/me from the browser directly, I see the browser attaching multiple cookies to my request. When I call from javascript, there are no cookies attached to the request. Is there a way, from Javascript to have access to the cookie needed for sessions/me to succeed? I'm guessing this is a

SSO : Should SP validate session with IDP in every request

戏子无情 submitted on 2019-12-06 10:10:51
As per SP-initiated SSO flow, the user tries to access SP. Since the user is unauthenticated, he is redirected to IDP where he enters his credentials. Post successful login, IDP sets cookies in the user's browser (under IDP's domain) and redirects the user back to SP with SAML response. Once SP verifies the SAML response, it creates its own cookie/token and sets it in the user's browser under SP's domain. What should ideally happen in subsequent requests: 1. Should SP rely only on its own cookie to fetch user info? 2. Should SP validate user session with IDP in every request? If option 1 is advised, is it ok from

Okta Authentication Django

自作多情 submitted on 2019-12-06 00:00:54
I have a Django app that I am trying to add Okta authentication. I currently have created a custom backend that utilizes the Okta API to authenticate a user: class OKTABackend(ModelBackend): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) def authenticate(self, username=None, password=None): headers = { 'Authorization': 'SSWS {}'.format(<my OKTA API token>), 'Accept': 'application/json', 'Content-type': 'application/json' } authentication_payload = { 'username': username, 'password': password } r = requests.post( <my OKTA app address>, headers=headers, data=json.dumps

Getting list of groups user is associated with in Okta

自作多情 submitted on 2019-12-05 10:33:11
I'm trying to integrate with Okta SSO by implementing SAML 2.0 in my website as Service Provider (SP) and Okta env. as my Identity Provider (IDP). I can't understand how to configure my IDP to return, for each Auth request, the groups a user is in. How can it be done? Also, is it possible to have a service account in my IDP that my backend can ask the IDP directly if a user is inside some specific group? It is possible to add groups to the SAMLResponse by configuring the SP App in the Okta admin dashboard correctly. In order to do it for an existing app, go to Admin panel and edit the SAML

Okta Group Attributes

那年仲夏 submitted on 2019-12-04 18:51:32
I have two service providers that I am connecting to Okta in order to manage identities externally. Can you think of a way to configure Okta to accomplish the following: Associate attributes with groups, rather than directly to users. Users within groups would then inherit these attributes. Associate groups with applications, rather than directly associating users with applications. My end goal is to be able to leverage Okta for managing a role store for each service provider. I would expect SAML assertions coming from Okta to be able to be mapped into assertions for individual service

Keycloak: How to auto redirect Keycloak user to OKTA SSO page instead of clicking on button?

隐身守侯 submitted on 2019-12-04 10:12:26
I have followed the guide https://ultimatesecurity.pro/post/okta-saml/ to configure OKTA Saml with keycloak. After this configuration, I see Okta/saml login button on login page, clicking on which, the user is redirected to Okta login/SSO. Now, is there a way to avoid clicking on this button every time, such that when the keycloak login page appears, the user is auto redirected to Okta SSO automatically instead of being shown the keycloak login form with okta redirect button? If not, is it possible to enter okta username password within the keycloak form fields and keycloak have it validated internally from

authenticate to SharePoint through OKTA from back-end service

别说谁变了你拦得住时间么 submitted on 2019-12-01 12:29:05
I have a need to programmatically connect to a customer's SharePoint server that uses OKTA for authentication. I saw this post which looked promising, but cannot seem to get a valid session cookie back from OKTA. I can successfully call the /api/v1/authn endpoint and get back a sessionToken, but when I turn around and call /api/v1/sessions?additionalFields=cookieToken with that session token, I always received a 403 - Forbidden, with the following json: { "errorCode": "E0000005", "errorSummary": "Invalid Session", "errorLink": "E0000005", "errorId": "oaew0udr2ElRfCnZvBFt075SA", "errorCauses":

authenticate to SharePoint through OKTA from back-end service

烈酒焚心 submitted on 2019-12-01 10:37:58
Question: I have a need to programmatically connect to a customer's SharePoint server that uses OKTA for authentication. I saw this post which looked promising, but cannot seem to get a valid session cookie back from OKTA. I can successfully call the /api/v1/authn endpoint and get back a sessionToken, but when I turn around and call /api/v1/sessions?additionalFields=cookieToken with that session token, I always received a 403 - Forbidden, with the following json: { "errorCode": "E0000005",

UseJwtBearerAuthentication signing key

眉间皱痕 submitted on 2019-11-30 20:13:47
I'm trying to implement the JWT Bearer Authentication in my AspNetCore MVC app (Web API only) using the JwtBearerMiddleware but am getting a 401 response with header: WWW-Authenticate: Bearer error="invalid_token", error_description="The signature key was not found" The relevant code in Startup.cs looks like this: app.UseJwtBearerAuthentication(new JwtBearerOptions { Authority = "https://example.okta.com", Audience = "myClientId" }); With the Authority URL I'd expect the middleware to query my Identity Provider metadata from https://example.okta.com/.well-known/openid-configuration to get the