search

okta / okta-mobile-kotlin

Okta's Android Authentication SDK
https://okta.github.io/okta-mobile-kotlin/
Apache License 2.0
33 stars 11 forks source link

When accessing a second app in a webview for a token exchange flow, how to pass the ID token and device secret? #230

Open MeghaR2408 opened 1 year ago

MeghaR2408 commented 1 year ago

Describe the feature request?

Hello, I used this sample code to implement the Token Exchange flow, and it's working fine. I can use SSO to log into one app (a mobile app) and another (a web app). Both of my applications are native ones on Okta. The token exchange flow isn't working when I open a second app, a web app in Web View, and I'm not already logged in. In order for me to be logged into the second app when I access app 1 from app 2, how can I pass ID token and device secret?

New or Affected Resource(s)

Token exchange Flow

Provide a documentation link

No response

Additional Information?

No response

mikenachbaur-okta commented 1 year ago

Hi @MeghaR2408, my apologies for the late reply.

The okta-mobile-kotlin and okta-mobile-swift SDKs do not supply any built-in patterns or mechanisms for sharing the device secret with other applications, since this is very dependent on the individual application itself.