Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

<@U03CFAS0T2S> Are you trying to write a login/sign up for the SPA, or are you looking for service authorization, or rule based api protection, or SSO?  Ory does all of the above. We are not Okta experts at Iry but many in the community used Okta in the past. 

We already have a corporate sign in page and our SPA is already hooked up to sign in through OIDC + PKCE flow. No need for a solution to host a UI or be the IDP


What's missing is auth on the API side. I'm not clear on the flow and setup needed to have UI login through OIDC and use that identity to retrieve authorization into our API. It seems like we need an endpoint on our auth API to take an Okta token, verify it, then if valid exchange for an application access token.