Basically, Okta generates a JWT after authentication and passes it to B2C. B2C copies the JWT but signs it with the B2C private key rather than the Okta one. In addition, B2C modifies the JWT according to the policy.

Yes - you can provide an ROPC endpoint. But the flow is not secure, hence deprecated in the new OAuth spec.

B2C doesn't support client credential flow but it's in the pipeline.

Rory Braybrook

Written by Rory Braybrook

NZ Microsoft Identity dude and MVP. Entra ID/Entra External ID/Azure AD B2C/VC. StackOverflow: https://bit.ly/2XU4yvJ Presentations: http://bit.ly/334ZPt5
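
What the re-signing described above means for the application that receives the token, as an added example that is not code from the original post, Okta or B2C: the app has to validate against the B2C key and issuer, and a token signed by Okta is not accepted there. The issuer URLs, key ids, claim set and the `brokerReissue` helper are constructed for illustration, and the broker checking the upstream signature first is an assumption.

```javascript
const crypto = require('crypto');
const b64u = (x) => Buffer.from(x).toString('base64url');

// Sign a JWT with RS256 (constructed demo tokens, not real Okta or B2C output).
function signJwt(claims, privateKey, kid) {
  const head = b64u(JSON.stringify({ alg: 'RS256', typ: 'JWT', kid }));
  const body = b64u(JSON.stringify(claims));
  const sig = crypto.sign('RSA-SHA256', Buffer.from(`${head}.${body}`), privateKey);
  return `${head}.${body}.${sig.toString('base64url')}`;
}

// Verify algorithm, signature and issuer; returns the claims or throws.
function verifyJwt(token, publicKey, expectedIssuer) {
  const [head, body, sig] = token.split('.');
  if (JSON.parse(Buffer.from(head, 'base64url').toString()).alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${head}.${body}`), publicKey,
    Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (claims.iss !== expectedIssuer) throw new Error('unexpected issuer');
  return claims;
}

// Hypothetical issuers and throwaway keys standing in for Okta and the B2C tenant.
const OKTA_ISS = 'https://okta.example/oauth2/default';
const B2C_ISS = 'https://b2c.example/tenant/v2.0/';
const okta = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const b2c = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// The broker checks the upstream token, applies its policy to the claims
// (here: keep sub and email, record the upstream IdP), and signs with its own key.
function brokerReissue(upstreamToken) {
  const up = verifyJwt(upstreamToken, okta.publicKey, OKTA_ISS);
  const out = { iss: B2C_ISS, sub: up.sub, email: up.email, idp: OKTA_ISS };
  return signJwt(out, b2c.privateKey, 'b2c-key-1');
}

// True when the token validates against the given key and issuer.
function accepts(token, publicKey, issuer) {
  try { verifyJwt(token, publicKey, issuer); return true; } catch { return false; }
}

const oktaToken = signJwt({ iss: OKTA_ISS, sub: 'u1', email: 'a@example.com' }, okta.privateKey, 'okta-key-1');
const appToken = brokerReissue(oktaToken);
console.log('app token vs B2C key:', accepts(appToken, b2c.publicKey, B2C_ISS));
console.log('app token vs Okta key:', accepts(appToken, okta.publicKey, OKTA_ISS));
```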

Responses (3)

I have no idea what that custom policy does. You can add Okta using built-in policies - https://docs.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-generic-openid-connect?pivots=b2c-user-flow

--

I did my changes in the b2c policy with Okta OpenID config and added an Okta icon in our login page. External client side, initially the Okta user authenticated from external application and navigates to my application SignIN page, after clicking…

--

Thanks Rory for the helpful suggestion. I will implement with the first approach and test this integration accordingly.

--