Can I use the API to check for the existence of an Okta Session created by a user sign-on?
I am working on putting an internal Java web application behind Okta for authentication. In order to do this I want to use API calls to check for a current Okta Session.
The Session API provides methods for validating a session via a sessionToken. However, this means that the Session must also be created within the application by calling the Authentication API and then using the Session API to create a session and receive said sessionToken.
I would like to check for a current session that wascreated by a user signing into Okta prior to visiting the custom application. Then, I would check if the status of the Session is ACTIVE. I could then redirect them to the correct area of my application. Otherwise, if the status was not ACTIVE, I would redirect them to my company's Okta sign-in page.
Is there a way to leverage the API to check the status of an existing Okta Session that was created by an Okta sign-on (not previous Session API calls)?
Thanks for posting your inquiry in Okta Community.
I believe this link could help you to create User Sessions via the API: http://developer.okta.com/docs/api/resources/sessions.html
Please let me know if you need any additional information or if you've any further inquiries on your custom login implementation, you can consider to raise this in our Developer Forums here: http://developer.okta.com/discussion/. Alternatively, you can also get help from our Professional Services team, to help you set this up for your Okta Org.