Open bgindek opened 3 years ago
@bgindek Thanks for the submission. The method getWithoutPrompt requests tokens from Okta in an iframe and requires access to "third-party" cookies. This method will often fail in the latest browsers with default settings. But the signin widget can return tokens directly to your app, or initiate a redirect to receive an authorization code to receive tokens. In many cases it is possible to avoid using getWithoutPrompt entirely.
"This method will often fail in the latest browsers with default settings" - can I change these settings? Not obvious how.
"In many cases it is possible to avoid using getWithoutPrompt entirely." - how is that done?
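An added sketch, not code from this thread or from the Okta project, of handling the failure described in the comment above: when the iframe request cannot see the Okta session cookie, the client falls back to a top-level redirect, where the cookie is first-party. The helper names `acquireTokens` and `makeBlockedClient` are hypothetical, and the stub's `errorCode` value of `login_required` is an assumption matched to the error message in the report.

```javascript
// Try the silent iframe request first; if the browser withheld the Okta
// session cookie, restart the flow as a top-level redirect instead.
// `authClient` is an okta-auth-js client such as the one in the report.
async function acquireTokens(authClient, options) {
  try {
    // Hidden iframe to the Okta domain: needs the session cookie to be
    // sent in a third-party context.
    const result = await authClient.token.getWithoutPrompt(options);
    return { via: 'iframe', result };
  } catch (err) {
    // Without the cookie Okta sees no session, even right after a
    // successful sign-in, and rejects the prompt=none request.
    const sessionInvisible =
      err && err.name === 'OAuthError' && err.errorCode === 'login_required';
    if (!sessionInvisible) throw err; // unrelated failures stay visible
    // Top-level navigation to Okta: the page unloads, and tokens are
    // picked up on the redirect URI after the browser returns.
    await authClient.token.getWithRedirect(options);
    return { via: 'redirect', result: null };
  }
}

// Constructed stand-in for a browser that blocks third-party cookies,
// so the fallback path can be exercised without a network or an Okta org.
function makeBlockedClient() {
  const redirects = [];
  return {
    redirects,
    token: {
      getWithoutPrompt: async () => {
        const e = new Error(
          'The client specified not to prompt, but the user is not logged in.');
        e.name = 'OAuthError';
        e.errorCode = 'login_required'; // assumed code for this message
        throw e;
      },
      getWithRedirect: async (opts) => { redirects.push(opts); },
    },
  };
}
```

The shape of the value returned by `getWithoutPrompt` differs between library versions, so the helper passes it through untouched.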
I'm submitting a bug report
Background info
I'm using the Okta widget (https://global.oktacdn.com/okta-signin-widget/3.8.2/js/okta-sign-in.min.js) to log into my website. It works fine from a desktop browser (Chrome/Firefox) and on an Android device (Chrome/Firefox).
Expected behavior
Redirected page gets the tokens saved in session cookie(s)
What went wrong?
Fails after the login redirect on iOS (Chrome/Firefox). The login succeeds but in the redirect page on my website I make a call to:
authClient.token.getWithoutPrompt({...
and get the error:
OAuthError: The client specified not to prompt, but the user is not logged in.
Your environment