JesusJ.03583 (Customer) asked a question.
We have and Angular app and a .net5 API with a multi-tenant implementation, so is a single instance of the app for multiple customers. Some of our customers wants to use Okta for single sign on into our application by using their independent Okta organization user account to login into our app.
We have special role management function in our application and we would need to map the user in each Okta organization to a user in our application. The workflow is that they want to launch our application from a dashboard and if there is already an open Okta session, bypass login and let the user through.
How can we check if there is an authenticated user to bypass our login? and basically how do we know against which Okta domain to validate the token?
I was able to present the scenario using SWA, but our customers may have policies against using bowser extensions. Basically what we would like to do is exactly the same scenario as it would happen with SWA, but having the mapping stored in our application without storing any passwords or using any browser extension.
Is this possible?
Thanks for your help.
Hello @JesusJ.03583 (Customer),
Thank you for posting.
This seems to be a pretty specific setup, and I'm afraid that providing a solid answer will not be possible unless getting a hold of additional information. I would strongly suggest opening a support ticket, and we will be able to provide some more detailed answers.
Regards,
Natalia
Okta Inc.