The user signs in with Facebook After you complete the Configuration updates and then configure your app to load the Sign-In Widget , the Sign in with Facebook option appears. No coding is required.
When the user selects Sign in with Facebook in the Sign-In Widget, they’re directed to the Facebook sign-in page.
The user enters their Facebook credentials (email and password) on the Facebook sign-in page, which the Facebook platform hosts.
Note: You can use the Facebook test user account that you've created in Set up the Facebook test user .
Facebook redirects the user to your Okta org After the user signs in to Facebook, Facebook redirects the user. You defined the redirect location in the Valid OAuth Redirect URIs field on the Facebook developer site.
Note: The Valid OAuth Redirect URIs value for your Okta org is in the format: https://{yourOktaDomain}/oauth2/v1/authorize/callback
. See Create a Facebook app in Facebook for details on configuring the Valid OAuth Redirect URIs value.
The Okta org redirects the request to your app After your Okta org receives a successful Facebook sign-in request, your org redirects the request to your app's Sign-in redirect URIs setting.
Note: For the Java SDK embedded authentication sample app, the Sign-in redirect URIs is set to http://localhost:8080
.
Handle the callback from Okta Okta returns the interaction code to the Sign-in redirect URI that's specified during the create application step .
Request the tokens from Okta The Spring security framework doesn't understand the Okta interaction code flow. Therefore, your app needs to intercept Spring’s OAuth authentication code flow, exchange the interaction code that is obtained from Okta for an access token, populate the user profile attributes, and construct OAuth2AuthenticationToken.java
(opens new window) before handing over the authentication flow back to Spring.
In the following example, the helper function exchangeCodeForToken()
is used to obtain the access and refresh tokens.
Retrieve the user profile attributes with the access token object. Then, populate the Spring framework’s OAuth2AuthenticationToken
(opens new window) object reference to continue with the rest of the authentication flow. See the helper class method getUserAttributes()
(opens new window) .