i have the need of switching apps after authentication. scenario. app1 starts SSO i get the access/refresh tokens the user switchs to app2 the sessions expires and i use the refresh token, the problem starts here, the refresh token was generated using the client credentials of app1 so making the request to okta using the refresh token and client credentials from app2 returns an incorrect credentials error. is there an specific flow/config i need to follow to achive this?
Thank you for reaching out to Okta Support, my name is Adrian and I'll be handling your case. In order to properly response to this question you will have to open a support ticket in order to see the exact flow and troubleshoot on the issue. Are both apps SAML apps or SAML and bookmark?
i will try to explain i little better, app1 and app2 are my current company applications, in okta i created oktaApp1 and oktaApp1 both apenId/OAUTH2 i have the same users assigned to both oktaApp1 and oktaApp2 (for now) and i have two sets of client credentials, independently, both apps work fine connecting to okta and authenticating the users, i know i can accomplish what i want for example if i use just oktaApp1 in both of my applications, now my need is for example have user1 and user2 user1 assigned in both oktaApp1 and oktaApp2 and user two only to oktaApp2 so the user1 should be able to swith apps (company apps) with out re-authenticating but because the two sents of client credentials i get with openId/OAUTH i cant validate the refresh token once user1 goes to app2.
going back to your question about SAML, the answer is no i used openId/oauth when i was configuring the oktaApps, is the flow that im trying to implement only possible by setting both oktaApps as SAML ?
thanks in advance for any help you can provide.
Sent from Outlook