AnandM.75775 (Customer) asked a question.
Help needed on implementing OpenID LogOut request using OKTA sign in widget
I am using Authorization code workflow using OKTA sign in widget and when the OpenID connect login is successful, I set the Session cookie and redirect to my callback URL so I can process the code. So in the back channel I get the "code" ( which I read from the query param set on the redirect URL). Fine here. I check that it is not empty and then proceed further to check cookies. Then I check for two cookies - "okta-oauth-nonce" and "okta-oauth-state" to validate. Everything good here. Now my problem is I am not sure where is session cookies set ? And what is the name of the session cookie ( which I get on the front channel and then I redirect to back channel for my Authorization Code workdlow ) ???? OK. Another issue related to the logout request on OpenID.As per teh documentation here (https://developer.okta.com/docs/api/resources/oidc.html#request-examples-1) , it says I need id_token_hint. What do you mean by this id_token_hint ?Is it a session cookie or nonce or sate (as above) or is it a ID token I can retrieve from /oauth2/v1/token endpoint ? Is it the entire JSON that I get from /oauth2/v1/token ? or is it just the id_token portion of the json I receive form /oauth2/v1/token ? How and where am I supposed to get this id_token_hint in my openId over Oauth2 implementation of "Authorization_code" workflow using your JavaScript OKTA SignIn widget for front channel and PHP in the back channel ?
