Help needed on implementing OpenID LogOut request using OKTA sign in widget
I am using Authorization code workflow using OKTA sign in widget and when the OpenID connect login is successful, I set the Session cookie and redirect to my callback URL so I can process the code.
So in the back channel I get the "code" (which I read from the query param set on the redirect URL). Fine here. I check that it is not empty and then proceed further to check cookies.
Then I check for two cookies - "okta-oauth-nonce" and "okta-oauth-state" to validate. Everything good here.
Now my problem is I am not sure where the session cookie is set. And what is the name of the session cookie (which I get on the front channel and then I redirect to back channel for my Authorization Code workflow)?
OK. Another issue related to the logout request on OpenID. As per the documentation here (https://developer.okta.com/docs/api/resources/oidc.html#request-examples-1), it says I need id_token_hint. What do you mean by this id_token_hint? Is it a session cookie or nonce or state (as above) or is it an ID token I can retrieve from /oauth2/v1/token endpoint? Is it the entire JSON that I get from /oauth2/v1/token? Or is it just the id_token portion of the JSON I receive from /oauth2/v1/token?
Hi, please see the below support link in regards to the session cookies: https://developer.okta.com/use_cases/authentication/session_cookie. I hope that helps. For your other question, please open a separate case, so we can avoid confusion on the present one. Thank you.
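The callback checks and logout request asked about in the question, as an added example that is not part of the original thread and not Okta's own code. It assumes a placeholder org URL (`https://example.okta.com`), hypothetical helper names and a constructed token response; `id_token_hint` is the `id_token` string taken from the `/oauth2/v1/token` JSON, not the whole response and not a cookie value.

```python
import base64
import hmac
import json
from urllib.parse import urlencode

OKTA_BASE = "https://example.okta.com"  # assumption: placeholder org URL

def check_state(query, cookies):
    """Return the code only if the redirect's state equals the okta-oauth-state cookie."""
    code, state = query.get("code", ""), query.get("state", "")
    expected = cookies.get("okta-oauth-state", "")
    if not code or not expected or not hmac.compare_digest(state.encode(), expected.encode()):
        raise ValueError("missing code or state mismatch")
    return code

def extract_id_token(token_response_body, cookies):
    """Pull the id_token member out of the token JSON and check its nonce claim."""
    id_token = json.loads(token_response_body).get("id_token", "")
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("no compact-JWT id_token in token response")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    # Signature, iss, aud and exp must also be verified with a JWT library
    # against the issuer's published keys; that step is omitted here.
    expected = cookies.get("okta-oauth-nonce", "")
    if not expected or not hmac.compare_digest(str(claims.get("nonce", "")).encode(), expected.encode()):
        raise ValueError("nonce mismatch")
    return id_token

def build_logout_url(id_token, post_logout_redirect_uri, state):
    """id_token_hint carries the raw id_token string, nothing else from the token response."""
    return OKTA_BASE + "/oauth2/v1/logout?" + urlencode({
        "id_token_hint": id_token,
        "post_logout_redirect_uri": post_logout_redirect_uri,
        "state": state,
    })

def make_sample_token_response(nonce):
    """Constructed sample: a JWT-shaped string with a dummy signature, for the demo only."""
    b64 = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    jwt = ".".join([b64({"alg": "RS256"}), b64({"sub": "00u-demo", "nonce": nonce}), "c2ln"])
    return json.dumps({"token_type": "Bearer", "access_token": "demo", "id_token": jwt})

if __name__ == "__main__":
    cookies = {"okta-oauth-state": "st-123", "okta-oauth-nonce": "n-456"}  # constructed values
    code = check_state({"code": "abc", "state": "st-123"}, cookies)
    tok = extract_id_token(make_sample_token_response("n-456"), cookies)
    print(build_logout_url(tok, "https://app.example.com/signed-out", "lo-789"))
```

The server has to keep the ID token (for example in its own session store) after the code exchange, because the logout request needs it later.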