Okta Classic Engine | Okta Integration Network | Answered | 2020-12-11T07:01:21.000Z | 2020-12-18T02:10:52.000Z

PreethamS.65089 (Customer) asked a question.

How do I fetch the state value for accessing application post successful authentication through OpenID Connect Authorization Endpoint

Hi, I need to connect to the applications enclosed with Okta and I followed the steps below.

 

Step 1: Get the session token with primary authentication with a public application through a POST request. ---- This is to connect to the Okta account (authenticate).

Step 2: Now, I need to access the application inside Okta (say Web App). I used the OpenID Connect Authorization Endpoint, which needs Client ID (I got this), Session ID (I got this in Step 1) and State (how do I get the State value?).

 

https://${yourOktaDomain}/oauth2/v1/authorize?client_id={clientId}&response_type=id_token&scope=openid&prompt=none&redirect_uri=https%3A%2F%2Fyour-app.example.com&state=Af0ifjslDkj&nonce=n-0S6_WzA2Mj&sessionToken=0HsohZYpJgMSHwmL9TQy7RRzuY

 

 


  • Hi @PreethamS.65089 (Customer)​ 

     

    The parameters "state" and "nonce" are unique values generated from your end which can be used to verify the request. After sending these values to Okta, Okta will redirect back to your callback with the location of the values as follows:

    • state: present on the callback endpoint, along with the authorization code or ID token in this case
    • nonce: present in the ID token requested

     

    If you are not verifying these values on your end after the user is redirected from the /authorize endpoint, the best solution would be to put static values, such as "abc".

     

    Dragos Gaftoneanu

    Developer Support Engineer

    Okta Global Customer Care
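
An added example, not part of the original thread and not Okta's own code, of the alternative to static values: generating a fresh state and nonce per request and checking both when Okta redirects back. The function names, domain, client ID and session token are hypothetical placeholders, the sample ID token is constructed and unsigned, and signature, issuer, audience and expiry validation is assumed to be done separately by a JWT library.

```python
import base64, hmac, json, secrets
from urllib.parse import parse_qs, urlencode, urlsplit

def new_authorize_request(okta_domain, client_id, redirect_uri, session_token):
    """Build the /authorize URL with a fresh state and nonce for this one request.
    The caller stores `expected` server-side (e.g. in the user's session)."""
    expected = {"state": secrets.token_urlsafe(32), "nonce": secrets.token_urlsafe(32)}
    query = urlencode({
        "client_id": client_id, "response_type": "id_token", "scope": "openid",
        "prompt": "none", "redirect_uri": redirect_uri, "sessionToken": session_token,
        "state": expected["state"], "nonce": expected["nonce"]})
    return f"https://{okta_domain}/oauth2/v1/authorize?{query}", expected

def jwt_claims(id_token):
    """Decode the payload segment only. Signature, iss, aud and exp validation
    is assumed to happen elsewhere before the claims are trusted."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed ID token")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def same(a, b):
    """Constant-time string comparison."""
    return hmac.compare_digest(str(a).encode(), str(b).encode())

def check_callback(params, expected):
    """params: values Okta returned to the redirect URI. Returns the claims,
    or raises ValueError when state or nonce does not match this request."""
    if not same(params.get("state", ""), expected["state"]):
        raise ValueError("state mismatch: response does not belong to this request")
    claims = jwt_claims(params.get("id_token", ""))
    if not same(claims.get("nonce", ""), expected["nonce"]):
        raise ValueError("nonce mismatch: ID token was not issued for this request")
    return claims

def constructed_id_token(nonce):
    """Constructed, unsigned sample token so the example runs offline."""
    seg = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).decode().rstrip("=")
    return ".".join([seg({"alg": "none"}), seg({"sub": "00u-sample", "nonce": nonce}), "sig"])

if __name__ == "__main__":
    url, expected = new_authorize_request("your-org.example.com", "0oa-sample-client",
                                          "https://your-app.example.com", "sample-session-token")
    sent = parse_qs(urlsplit(url).query)
    ok = {"state": sent["state"][0], "id_token": constructed_id_token(sent["nonce"][0])}
    print(check_callback(ok, expected)["sub"])
    try:
        check_callback({**ok, "state": "abc"}, expected)  # static value is rejected
    except ValueError as err:
        print("rejected:", err)
```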

This question is closed.