How do I log in to Okta without redirecting to the Okta website for authentication?


I am using the code below:

https://github.com/oktadeveloper/okta-android-example/commit/5d01efe98b9a73937c8eeec92797117ad1f8a72b

for testing Okta authentication, but it redirects me to the Okta website for authentication, and I would like to make it so that I don't get redirected for authentication but instead authenticate remotely based on the credentials I enter in my app, which upon verification and successful login sends me over to my app dashboard. Currently, based on the above code, I am getting redirected to Okta, I enter my credentials, and then it kicks me back to the app, which is not a very good flow. Does anyone have any experience with this, or any ideas how I can avoid redirection, or any good examples online I can test out with?

There are 1 best solutions below

niall_atlasidentity On

What you're describing is the standard OAuth2 flow, which is designed to ensure users never enter their credentials directly in the application. The intention here is to avoid your application being able to capture/cache the user credentials, which is really what the credential owner (the user) wants. OAuth2 is designed around redirecting the user to their identity provider, entering their credentials there, and authorizing the application to access resources on their behalf. It's a standard pattern these days.

However, for 1st party applications where there is trust, there's an existing OAuth2 flow that will do what you want, called the resource owner password flow. I'm not recommending you implement it, but it will allow you to capture the user credentials locally and receive appropriate tokens in the response. https://developer.okta.com/authentication-guide/implementing-authentication/password
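
The token exchange behind the resource owner password flow mentioned in the answer, as an added example (not from the answer or from Okta's sample app). The domain `your-org.example`, the `/oauth2/default/v1/token` path, client authentication via HTTP Basic, and all function names are assumptions for illustration; the password is sent once in the POST body and only the returned tokens are kept.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request

# Assumed values: placeholder org domain and default authorization server path.
TOKEN_URL = "https://your-org.example/oauth2/default/v1/token"

class LoginError(Exception):
    """Raised when the token endpoint rejects the request."""

def build_password_grant_request(client_id, client_secret, username, password,
                                 scope="openid", token_url=TOKEN_URL):
    """Build the RFC 6749 section 4.3 token request (grant_type=password)."""
    if not token_url.startswith("https://"):
        raise ValueError("credentials must only be sent over TLS")
    form = urllib.parse.urlencode({
        "grant_type": "password",
        "username": username,
        "password": password,
        "scope": scope,
    }).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return urllib.request.Request(token_url, data=form, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    })

def parse_token_response(status, body):
    """Return the token dict on success; raise LoginError with the OAuth error code."""
    payload = json.loads(body)
    if status != 200 or "access_token" not in payload:
        raise LoginError(payload.get("error", "unexpected_response"))
    return payload

def _https_send(request):
    """Default transport: returns (status, body), including for 4xx responses."""
    try:
        with urllib.request.urlopen(request, timeout=10) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()

def login(client_id, client_secret, username, password, send=_https_send):
    """Exchange the user's credentials for tokens; the password is not stored."""
    request = build_password_grant_request(client_id, client_secret, username, password)
    return parse_token_response(*send(request))
```

The `send` parameter lets the exchange be exercised with a stub transport instead of a live authorization server.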