I have my ReactJs application and I'm authenticating the users using Okta React SDK (https://github.com/okta/okta-react). This SDK is using OpenID and OAuth 2.0 to authenticate users. Now, I want to change the authentication flow from (OAuth 2.0) to (SAML 2.0) in my react application. So that user would authenticate from Okta using SAML2.0 flow instead of OAuth2.0.
For the backend, I’m using ruby on rails. I have gone through a number of blogs and documents But, looks like I am unable to find a way or examples where I get some help. Is this possible, what I’m trying to achieve ?.
Looking forward to you guys, I’m really stuck in it.
The usual solution is in 2 layers:
Your React app uses Open Id Connect and you receive tokens with which APIs can be called. The code and tokens involved are JavaScript friendly.
Multiple login types can be supported - if you need to do a SAML login you configure Okta accordingly but do not need to change code in your UIs and APIs. You will want to avoid coding SAML yourself since it is not a web friendly technology.
So the direction should be to point Okta to a SAML identity provider and perform a federated login. If useful my blog post has further info on the general approach.