Redirect to the sign-in page

To sign a user in, your application must redirect the browser to the Okta-hosted sign-in page. You can do this when a user visits a protected route or when the user clicks a button to sign in.

• ASP.NET
• ASP.NET Core 2.x
• ASP.NET Core 3.x
• Go
• Node Express
• PHP
• Spring Boot

By default, the redirect to the login page happens automatically when users access a protected route (by default, Spring Security protects all routes).

You can give the user a Sign In button or link. The link must navigate to /oauth2/authorization/okta:

<a href="/oauth2/authorization/okta">Sign In</a>

The user is redirected to the hosted sign-in page where they authenticate. After successful authentication, the browser is redirected back to your application along with information about the user.

Note: To customize the hosted sign-in page, see Style the Widget.

You can also define protected routes or areas of your application that will always require authentication.

Next: Require authentication