Okta React App

Okta

https://github.com/okta/samples-js-react/tree/master/okta-hosted-login

https://github.com/okta/okta-react/tree/master/samples

Sign users in to your SPA using the redirect model

OIDC – OpenID Connect.
Proof Key for Code Exchange (PKCE)
– Use this grant type for applications that cannot store a client secret, such as native or single-page apps.

Github Okta-Auth-Js Storage manager

Refresh the access and ID tokens

Auth JS fundamentals

function createAuthClient() {
  // The `OktaAuth` constructor can throw if the config is malformed
  try {
    authClient = new OktaAuth({
      issuer: config.issuer,
      clientId: config.clientId,
      redirectUri: config.redirectUri,
      scopes: config.scopes,
      useInteractionCodeFlow: true,
      tokenManager: {
        storage: config.storage
      },
      transformAuthState
    });
    if (config.startService) {
      authClient.start();
    }
  } catch (error) {
    return showError(error);
  }
}

Build a Secure SPA with React Routing

Integration guide describes how to integrate Okta’s API Access Management (OAuth as a Service) with Amazon API Gateway.

Sample Node.js implementation of an AWS Lambda custom authorizer for AWS API Gateway that works with a JWT bearer token (id_token or access_token) issued by an OAuth 2.0 Authorization Server. It can be used to secure access to APIs managed by AWS API Gateway.