I have implemented OAuth2 PKCE flow with Okta using Python. It is a desktop application. I am using custom URL scheme as redirect URL to receive authorization code. Everything works fine and browser opens application when it sees custom URL scheme in redirect URL but the browser remains open and shows in progress Okta sign in image. What can be done to either close the browser or show appropriate message in browser?
Python desktop application - close browser in OAuth2 PKCE flow
581 Views Asked by Anand At
1
There are 1 best solutions below
Related Questions in PYTHON
- new thread blocks main thread
- Extracting viewCount & SubscriberCount from YouTube API V3 for a given channel, where channelID does not equal userID
- Display images on Django Template Site
- Difference between list() and dict() with generators
- How can I serialize a numpy array while preserving matrix dimensions?
- Protractor did not run properly when using browser.wait, msg: "Wait timed out after XXXms"
- Why is my program adding int as string (4+7 = 47)?
- store numpy array in mysql
- how to omit the less frequent words from a dictionary in python?
- Update a text file with ( new words+ \n ) after the words is appended into a list
- python how to write list of lists to file
- Removing URL features from tokens in NLTK
- Optimizing for Social Leaderboards
- Python : Get size of string in bytes
- What is the code of the sorted function?
Related Questions in BROWSER
- Why does Angular send Http Request Method: Options before POST?
- Trick browser into resizing the viewport dimensions by 1px
- Why is it so hard to style <select> and <option> elements?
- Change writing language at browser
- Selenium stops running after click() function runs
- Are there any debugging tools for the Opera Mini mobile browser?
- place 1 label top, 1 input bottom and 2 buttons left
- Why clear cache does not work with all browsers?
- Opening Browser Instances from different Vendors
- Browser's not displaying images correctly
- Open a html document with php
- How to run a .jar inside browser?
- Why/how does the browser decide ☃.net goes to xn--n3h.net
- How do you invoke another app from a child browser
- Firefox and SSL pages - takes very long on certain sites
Related Questions in OAUTH-2.0
- Not getting refresh token with google oauth2
- SoundCloud Authentication Consistently Returns 401 invalid_grant For Some Users
- How can I share Azure Active Directory authentication between server side and client script?
- OAuth2 and API Json request not working with jQuery Call
- Flask-Restful, oauth, and Salesforce
- Bearer token in MVC controller to access Web API
- Revoking OAuth tokens in Mule
- how to signup user using google-plus integradation in web?
- Need to run getAuthToken twice before receiving access token, why?
- chrome.identity.getAuthToken and refresh token?
- dropbox api authentication (Error: [400] 'invalid_client')
- Retrieve Google Sites's Domain Index feed using OAuth 2.0 with Service Account
- hello.js: Is it possible to set the provider's settings dynamically?
- How to share developer account at LinkedIn
- Linkedin Unsupported POST target
Related Questions in OKTA
- Add Okta user to Okta group Python sdk
- Okta api python sdk throwing json error
- How to diagnose a E0000022?
- Okta how to pass groups in assertion SAML
- What is the maximum number of applications that can be activated on the Okta sandbox?
- Authentication using SAML and OKTA through SSO service of Bluemix is going into a loop
- Getting Users SessionID from Okta Sign-in Wudget
- How to deep-link directly to an app in Okta Mobile on iOS
- Authenticating JIRA API with okta SSO
- Why Keystore is needed when using SSO (SAMLv2)
- Spring Security SAML with OKTA
- How do you customise the okta application loading screen?
- kid not matching on OAuth 2.0 flow
- Symfony2.8 website(SP) & OKTA(IDP)
- Okta-Signin-widget no callback happening
Related Questions in PKCE
- OAuth2: using PKCE instead of client_secret
- Is it needed to use reference tokens while using PKCE?
- Ignoring X-Frame-Options in Chrome headless mode with Cypress
- Doesn't OAuth 2.0 PKCE Flow open the door to masquerading/phishing attacks?
- Python desktop application - close browser in OAuth2 PKCE flow
- Can I use auth0 java sdk to verify an Okta token?
- Unable to retrieve roles/groups from Azure B2C
- In angular, Spotify get token API, using the PCKE flow, returns error 404 Collection 'token' not found
- How to juggle multiple PKCE code_verifiers in a monolithic OAuth2 "client" that is really a Web server
- Difference in time obtained from nbf claim while validating azure b2c token on the server
- How does PKCE help public clients?
- Why is code_challenge_method=plain alllowed?
- Is there any point using PKCE if a client id/secret is also used?
- Why does the Spotify Auth API return a 400 with "code_verifier was incorrect"?
- Configure Insomnia to retrieve OAuth 2.0 token as though from public client (without client secret)
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It is a tricky flow and it is difficult to get this perfect, though returning to a web page after login rather than directly to the app will give you greater control:
DEFAULT OPTION
Use a redirect URI such as x-mycompany-desktopapp:/callback, which is invoked automatically, but this results in a leftover / confusing browser page, as you are finding.
INTERSTITIAL PAGE OPTION
Update the redirect URI to a value such as this, which is a web page you need to host:
If you do a 'View Source' on the above page you will see that it invokes the custom URI scheme when a Continue button is clicked. This at least gives you control over the post login behaviour and messaging.
FURTHER INFO
My blog post has further details and a NodeJS desktop code sample you can run.