1: The user navigates to the sign-in page
When the user navigates to the sign-in page, the Widget
loads
and automatically displays the Sign in with Facebook button. If the Facebook button doesn't appear,
make sure that you have completed all the steps in Configuration Updates.
The following Sign-In Widget displays the Facebook button:
2: The user selects the Facebook sign-in link
When the user selects Sign in with Facebook, they are redirected to
the Facebook sign-in page.
3: The user signs in to Facebook
Once the user enters their credentials in the Facebook sign-in page, Facebook first validates the sign-in
request. If the sign-in is successful, Facebook redirects the request to the Okta org URL that you've entered in the
Valid OAuth Redirect URIs and Site URL fields. These field values, described in Set up your Okta org for a social IdP use case, have the following format: https://{yourOktaDomain}/oauth2/v1/authorize/callback
, for example, https://dev-12345678.okta.com/oauth2/v1/authorize/callback
.
4: Handle the callback from Okta
After Facebook sends the success login request to your Okta org, the org redirects the request
to your app through the Application's Sign-in redirect URIs field. This field was set up in
Create a new application. The application
code that connects the callback URL to a function is identical to the code described in
step 2 in
Basic sign-in using the Widget.
See that guide for more details.
5: Get and store the tokens and redirect the user to the default sign-in page
The next step is to get the tokens from the /token
endpoint using the
returned interaction_code
and the PKCE parameters. After the tokens are fetched,
store them in session for later use. The code that fetches and stores these tokens
is identical to the code described in
step 3 in Basic sign-in flow using the Widget.
See that guide for more details.
You can obtain basic user information by making a request to the authorization server.
Make a call to the /v1/userinfo
endpoint using the tokens
obtained from the LoginResponse
object's Token
property.