Okta (Session)

An Okta API REST session flow is supported for authentication with Okta using the auth_oauth2 config and the OKTAREST Auth apk. This allow for automatic cookie refresh to keep alive the user session.

Field

Description

issuer_url

string The configured Issuer URI for the identity provider.

client_id

string The configured client ID for this application.

redirect_url

string The configured redirect callback URL for this application. Use "com.bluefletch.ems.auth://callback".

scopes

string The scopes where this authentication applies.

redirect_url_verify

string Specifies the redirect URL used when refreshing cookies during the verification after reauthentication. Always set the value as "com.bluefletch.ems.auth://verified". Requires the Launcher settings configuration to also have verifyIdpOnReauth set to true.

mfaVerifyIntervalWait

integer Number of seconds to wait before reattempting multi-factor authentication in Okta Verify push. Default is 2. Introduced in Auth 4.6.2.

mfaVerifyAttempts

integer Maximum number of attempts to correctly verify multi-factor authentication before account locks. Default is 10. Introduced in Auth 4.6.2.

Example:

...
"auth_oauth2": {
    "host_url": "https://dev.oktapreview.com",
    "client_id": "0o5o9hn89wN4AAhhJ0h7",
    "redirect_url": "com.bluefletch.ems.auth://callback",
    "scopes": "openid email profile offline_access groups",
    "logout_redirect": "com.bluefletch.ems.auth://logout",
    "mfaVerifyIntervalWait": 5,
    "mfaVerifyAttempts": 7
}
...

PreviousAppAuth/OIDC NextMSAL

Last updated 1 year ago