This page describes the flow of requests, tokens etc. when using the Okta sign-in widget with a backend (such as Spring Boot) that's configured for OAuth2 based authentication.
If I have a web-app running on myapp.mycompany.com
and an Okta organization running on dev-993392.oktapreview.com
then there are 3 actors involved in the login flow:
- The server that serves up the
myapp.mycompany.com
pages. - Browser pages with origin
myapp.mycompany.com
. - Browser pages with origin
dev-993392.oktapreview.com