On this page

    SDKs for alternate sign-in methods

    Okta recommends signing users in using an Okta-hosted Sign-In Widget. For those not following this approach, Okta maintains the following SDKs. However, when using these solutions, some aspects of Identity Threat Protection (opens new window) aren't as fully integrated with the sign-in process.

    Select the task that you want to perform to access more information on alternate ways to set up a sign-in experience in your app:

    Tip: See Recommended SDKs to find SDKs, samples, and documentation for the recommended sign-in experiences with Identity Engine, and other fully supported tasks.

    Sign in to Identity Engine from a single-page app

    Instead of redirecting to the Okta-hosted Sign-In Widget, you can create a custom sign-in page in your single-page app and implement an appropriate authentication flow between the app and Identity Engine.

    There are two ways to create a custom sign-in page. In both cases, enable the flow using auth.js or a framework-specific wrapper around it:

    1. Embed the Okta Sign-In Widget in a web page.
      Javascript Any javascript framework Auth Javascript SDK (Auth.js) (opens new window)
      React React React SDK (opens new window) Sample App (opens new window) Guide
      Angular Angular Angular SDK (opens new window) Sample App (opens new window) Guide
      Vue Vue Vue SDK (opens new window) Sample App (opens new window) Guide

    2. [Not recommended] Create the custom sign-in form yourself.
      Javascript Any javascript framework Auth Javascript SDK (Auth.js) (opens new window)
      React React React SDK (opens new window) Sample App (opens new window) Guide
      Angular Angular Angular SDK (opens new window) Sample App (opens new window) Guide
      Vue Vue Vue SDK (opens new window) Sample App (opens new window) Guide

    Note: All Okta JS libraries are hosted on npm (opens new window).

    Sign in to Identity Engine from a server-side web app

    Instead of redirecting to the Okta-hosted Sign-In Widget, you can create a custom sign-in page in your server-side web app and implement an appropriate authentication flow between the app and Identity Engine.

    Warning: When a server-side app uses the embedded SDK as a proxy between client apps and Okta servers, a request context for the client apps (IP address, user agent, and device) is required. This feeds into the risk assessment made by Okta Identity Threat Protection (opens new window) for any sign-in flow and enables policies based on these request context values. However, the proxy always passes in the app server's request context rather than the client context. Hence, ITP and some context-reliant authentication policies aren’t effective if you choose to use this custom sign-in experience.

    There are two ways to create a custom sign-in page:

    1. Embed the Okta Sign-In Widget in the page.
      ASP.NET Standard 2.0 ASP.NET
      Standard 2.0      		 Okta Identity Engine SDK for .NET (opens new window) Sample App (opens new window) Guide
      Python Python Flask Sample App (opens new window)
      Spring Spring Okta Spring Boot Starter (opens new window) Sample App (opens new window) Guide
      Node JS node.js Auth Javascript SDK (Auth.js) (opens new window) Sample App (opens new window) Guide
      Java Java Okta Identity Engine for Java (opens new window) Sample App (opens new window) Guide

    2. [Not recommended] Create the custom sign-in form yourself.
      ASP.NET Standard 2.0 ASP.NET
      Standard 2.0      		 Okta Identity Engine SDK for .NET (opens new window) Sample App (opens new window) Guide
      Node JS node.js Auth Javascript SDK (Auth.js) (opens new window) Sample App (opens new window) Guide
      ASP.NET Framework 4.8 ASP.NET
      Framework 4.8      		 Okta ASP.NET middleware (opens new window) MVC Sample App (opens new window)
      Webforms Sample App (opens new window)
      Java Java Okta Identity Engine SDK for Java (opens new window) Sample App (opens new window) Guide

    Sign in to Identity Engine from a mobile app

    Instead of redirecting to the Okta-hosted Sign-In Widget, you can create a custom sign-in page for your mobile app and implement an appropriate authentication flow between the app and Identity Engine. Android and iOS developers should use the Identity Engine SDK for their respective platforms.
    Android Android Okta Identity Engine SDK for Kotlin (opens new window) Sample App (opens new window) Guide
    iOS iOS Okta Identity Engine SDK for Swift (opens new window) Sample App (opens new window) Guide

    Note: The Mobile and Identity Engine SDKs share a modular architecture (opens new window).

    Sign in to Classic Engine

    Okta recommends upgrading your apps from Classic Engine to Identity Engine to take advantage of its many new features. If an upgrade isn’t possible right now, use the following content to set up a sign-in experience for your users in Classic Engine.

    From a single-page app

    The Okta Auth JavaScript SDK (auth.js) supports custom sign-in page interactions with Classic Engine as well as Identity Engine.

    There are two ways to create a custom sign-in page. In both cases, enable the flow using auth.js or a framework-specific wrapper around it.

    1. Embed the Okta Sign-In Widget in a web page.
      Javascript Any javascript framework Auth Javascript SDK (Auth.js) (opens new window) Guide
      React React React SDK (opens new window) Sample App (opens new window) Guide
      Angular Angular Angular SDK (opens new window) Sample App (opens new window) Guide
      Vue Vue Vue SDK (opens new window) Sample App (opens new window) Guide

    2. Create a custom sign-in page.
      Javascript Any javascript framework Auth Javascript SDK (Auth.js) (opens new window) Guide
      React React React SDK (opens new window) Guide
      Angular Angular Angular SDK (opens new window) Guide
      Vue Vue Vue SDK (opens new window) Guide

    Note: All Okta JS libraries are hosted on npm (opens new window).

    From a server-side web app

    Classic Engine is fully OAuth 2.0/OIDC compatible. To initiate the OIDC exchange, use your preferred OIDC SDK or the Okta OIDC middleware SDK listed in the following table. If you can't use OIDC to handle the sign-in flow, use an Okta Authentication SDK to interact with the authentication API.
    ASP.NET Standard 2.0 ASP.NET
    Standard 2.0    		 Okta ASP.NET middleware (opens new window) Okta .NET Authentication SDK (opens new window)
    Spring Spring Okta Spring Boot Starter (opens new window) Okta Java Authentication SDK (opens new window)
    node.js node.js Okta NodeJS OIDC Middleware (opens new window) Auth Javascript SDK (auth.js) (opens new window)
    ASP.NET Framework 4.8 ASP.NET
    Framework 4.8    		 Okta ASP.NET middleware (opens new window) Okta .NET Authentication SDK (opens new window)
    Java Java Okta Spring Boot Starter (opens new window) Okta Java Authentication SDK (opens new window)

    From a mobile app

    The classic Auth SDKs for Android (opens new window) (Java) and iOS (opens new window) (Swift) are now legacy Okta SDKs. The new Mobile SDKs replaced them and are compatible with Classic Engine by using the SessionTokenFlow class.
    Android Android Okta Mobile SDK for Kotlin (opens new window) SessionTokenFlow (opens new window)
    iOS iOS Okta Mobile SDK for Swift (opens new window) Sample App (opens new window) SessionTokenFlow (opens new window)
    Edit This Page On GitHub