Connect backendless login provider With Okta

iOS
1

Hello everyone. Currently, I configured a custom login provider, in my case I have configured it with Okta, in my understanding is that with a login provider, I might use backendless SDK for authenticating my users in Okta, how can I implement iOS SDK backendless with different login provider? I’m trying with okta auth 2 authentication methods Backendless iOS SDK. Bellow is my current provider configuration:

Screen Shot 2022-05-20 at 11.33.53 AM
Screen Shot 2022-05-20 at 11.33.53 AM593×637 37 KB

My okta configuration is working well, I’m authenticating my user correctly, but in the sequence when I try to connect with backendless provider, sending access params, connections appear to fail.

This is my login mechanism step by step

    func login() -> Promise<Void> {
        return Promise<Void> { [unowned self] (resolve: @escaping () -> Void, reject) in
            
            self.userStore.loginOkta().then { oktaStatus in
                
                guard let sessionToken = oktaStatus.model.sessionToken else { return }
                self.userStore.logInWithAuth2Client(sessionToken: sessionToken, completion: { manager in
                    print(manager) <- This is fine
                    guard let accessToken = manager.accessToken else { return }
                    self.userStore.loginWithAuth2Backendless(accessToken: accessToken).then { user in
                        print(user) <- Error
                    }
                })
            }
        }
    }

Request

Backendless.shared.userService.loginWithOauth2(
                providerCode: "okta",
                accessToken: accessToken,
                fieldsMapping: [:],
                stayLoggedIn: true,
                responseHandler: responseHandler,
                errorHandler: errorHandler)

Error

Error Domain=BackendlessErrorDomain Code=3109 "GUID: 638FA692-E155-6C52-FFF2-B6DD9C19B900
 Error during obtaining user data.
 Response from OAuth2 provider server: Bad Request
" UserInfo={NSLocalizedDescription=GUID: 638FA692-E155-6C52-FFF2-B6DD9C19B900
 Error during obtaining user data.
 Response from OAuth2 provider server: Bad Request
}

Backendless Version 6.6

Client SDK iOS

Expected Behavior

  1. Login with okta (success)
  2. Okta retrieves the access token
  3. Login with Backendless with a valid access token using the auth2 authentication system
  4. Login provider configured will validate access token with okta
  5. Okta will respond with success or error
  6. Backendless provider will respond with a valid authenticated user

Actual Behavior

Please provide a description of what actually happens, working from the same starting point.

Be descriptive: “it doesn’t work” does not describe what the behavior actually is – instead, say “the request returns a 400 error with message XXX”. Copy and paste your logs, and include any URLs.

  1. Login with okta (success)
  2. Okta retrieves the access token
  3. Login with Backendless with a valid access token using the auth2 authentication system (Here is the error)

Greetings!!

2

Thank you for the problem report. Please let us know if we can try out your Okta login provider in your app to diagnose the issue further?

Regards,
Mark

3

There is no problem, what do you need to do that?

4

I am confused. Isn’t this a problem?

Connect backendless login provider With Okta - iOS - Backendless Support 2022-05-20 13-27-58
Connect backendless login provider With Okta - iOS - Backendless Support 2022-05-20 13-27-58918×555 99.6 KB

5

Yes, that’s the server response

6

If you would like us to look into it, please let us know if we can use the Login provider you already configured in your app.

7

Yes, you can… no problem, what do you need from my side?

8

Nothing more, just your permission. We will assign an engineer to look into the problem and investigate it. You will be hearing from us sometime next week.

Regards,
Mark

1 Like
9

Hi @Norman_Arauz ,

It looks like you obtaining your token with wrong claims. What scopes did you request for token? I requested next scopes for access token openid%20profile%20email.

I checked integration with Okta in my application and found no issues with it.
I used this approach for check Initial Configuration - Backendless REST API Documentation

Full configuration looks in the next way:

image
image807×871 48.6 KB

Regards, Andriy