<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jTaSAJOkta Classic EngineOkta Integration NetworkAnswered2021-01-08T16:34:49.000Z2018-01-25T14:14:17.000Z2021-01-08T16:34:49.000Z

WilliamR.11087 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
How to get an access token after authenticating with SAML?
I have a basic SAML SSO/SLO working with a test Hapi (NodeJS) app.  I have been able to store name_id and session_index after a successful SSO login.  Is there a way to use these values to get Okta to create an access token for the user?  Is there a way to use these values to get the user ID or session ID, so that I can make API calls related to the user that logged in through SAML and their session?  Is there any documentation on using the React sign on widget in a SAML app?

 

Thanks for your help,

William
  • 2 answers
  • 6.38K views
31ycb likes this.

  • andrei.aldea1.4721588181695305E12 (Okta, Inc.)

    Hello William,

     

    Based on our documentation for Authentication (https://developer.okta.com/use_cases/authentication/), Oauth2 (https://developer.okta.com/docs/api/resources/oauth2#request-a-token) (which I assume is what you would be using once the access token was generated) and SAML (https://developer.okta.com/standards/SAML/index), I don't believe that is possible.

     

    However, I recommend opening up a case with Developer Support (email: developers@okta.com) and running the question by them. At the very least, they should be able to confirm if I am correct - and if not, they should be able to assist with the implementation.

     

     

     

    Regards,

     

    Andrei Aldea

    Technical Support Engineer

    Okta Global Customer Care

    Expand Post

  • PhilippK.59222 (Customer)

    Hi there, I know that this question is more than 2 years old but there is no definitive answer (or maybe something changed in the meantime), so I'm asking again:

     

    How can we use name_id and/or session_index to revalidate at a later time if the user's session is still valid?

     

    I have a react SPA and implemented a SAML SSO – everything is working as expected so far. Our API receives the SAMLResponse with the name_id and session_index. Based on the name_id we create a new access token for our REST API which react adds to every API call from then on. The API can identify the user based on this token but it should also ask Okta if the user session is still valid. How can we achieve this? Or is SAML not the correct approach for this? Our customer especially asked for SAML so I don't know if OIDC would be an option.

    Expand Post
This question is closed.
Loading
How to get an access token after authenticating with SAML?