Use the access token

Mobile apps need to send requests to one or more APIs to perform actions and retrieve information. The token issued by Okta helps you call your API securely. By attaching this token to outgoing requests, your API can authenticate them (ensure that the user is signed in to perform an action) and authorize them (ensure that the user is allowed to do an action).

In your mobile app, make sure that you place the access token in the HTTP Authorization header of outgoing requests using this format:

Authorization: Bearer {token}

Your API must check for valid tokens in incoming requests. To learn how to protect your API endpoints and require token authentication, see Protect your API endpoints.

• Android
• iOS
• React Native

You could create a callMessagesApi function that makes an authenticated request to your server. The access token is automatically used in the request properties by the authorizedRequest method.

private void callMessagesApi() {
    Uri uri = Uri.parse("https://{resourceUrl}");
    HashMap<String, String> properties = new HashMap<>();
    properties.put("queryparam", "queryparam");
    HashMap<String, String> postParameters = new HashMap<>();
    postParameters.put("postparam", "postparam");

    sessionClient.authorizedRequest(uri, properties, postParameters, HttpConnection.RequestMethod.POST,
        new RequestCallback<JSONObject, AuthorizationException>() {
            @Override
            public void onSuccess(@NonNull JSONObject result) {
                //handle JSONObject result.
            }

            @Override
            public void onError(String error, AuthorizationException exception) {
                //handle error
            }
    });
}

If you don't want to use the authorizedRequest method and just want to get the access token:

String accessToken = null;
try {
    Tokens token = sessionClient.getTokens();
    accessToken = token.getAccessToken();
} catch (AuthorizationException e) {
    //handle error
}

if (accessToken != null) {
    //use access token
}

Next steps