Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
.mvn/wrapper Added maven wrapper to the root project Dec 20, 2018
src Use consistant placeholders for okta properties Feb 28, 2019 Use consistant placeholders for okta properties Feb 28, 2019
mvnw First pass at v2 samples which use okta-spring-boot-starter Oct 20, 2017

Okta Spring Security & Custom Login Page Example

This example shows you how to use the Okta Spring Boot Library to login a user. The login is achieved through the Authorization Code Flow using the Okta Sign In Widget, which gives you more control to customize the login experience within your app. After the user authenticates, they are redirected back to the application and a local cookie session is created.


Before running this sample, you will need the following:

  • An Okta Developer Account, you can sign up for one at
  • An Okta Application, configured for Web mode. This is done from the Okta Developer Console and you can find instructions here. When following the wizard, use the default properties. They are designed to work with our sample applications.

Running This Example

There is a pom.xml at the root of this project, that exists to build all of the projects. Each project is independent and could be copied out of this repo as a primer for your own application.

You also need to gather the following information from the Okta Developer Console:

  • Client ID and Client Secret - These can be found on the "General" tab of the Web application that you created earlier in the Okta Developer Console.

  • Issuer - This is the URL of the authorization server that will perform authentication. All Developer Accounts have a "default" authorization server. The issuer is a combination of your Org URL (found in the upper right of the console home page) and /oauth2/default. For example,

Plug these values into the mvn commands used to start the application.

cd custom-login
mvn -Dokta.oauth2.issuer=https://{yourOktaDomain}/oauth2/default \
    -Dokta.oauth2.clientId={clientId} \

NOTE: Putting secrets on the command line should ONLY be done for examples, do NOT do this in production. You can put them in your application.yml if you're using a closed source control system. Otherwise, we recommend you store them as environment variables. For example:

export OKTA_OAUTH2_ISSUER=https://{yourOktaDomain}/oauth2/default
export OKTA_OAUTH2_CLIENT_ID={clientId}
export OKTA_OAUTH2_CLIENT_SECRET={clientSecret}
export OKTA_CLIENT_ORG_URL=https://{yourOktaDomain}

Then you can simply use mvn to start your app.

Now navigate to http://localhost:8080 in your browser.

If you see a home page that prompts you to login, then things are working! Clicking the Login button will render a custom login page, served by the Spring Boot application, that uses the Okta Sign In Widget to perform authentication.

You can login with the same account that you created when signing up for your Developer Org, or you can use a known username and password from your Okta Directory.

NOTE: If you are currently using your Developer Console, you already have a Single Sign-On (SSO) session for your Org. You will be automatically logged into your application as the same user that is using the Developer Console. You may want to use an incognito tab to test the flow from a blank slate.

You can’t perform that action at this time.