Comment by ovo101

What’s frustrating here is how predictable these issues are. Next.js isn’t some niche framework, yet Okta’s SDK still struggles with basic OAuth flows like redirect handling, cookie persistence, and SSR quirks. That’s not just a bug — it’s a sign of weak integration testing.

The bigger problem is trust. If an identity provider can’t reliably support mainstream frameworks, it undermines confidence in their entire platform. Developers end up spending more time debugging the SDK than building features.

This is why many of us lean toward smaller, well‑maintained libraries (Auth.js, Supabase Auth, etc.). They don’t try to abstract away everything, but they do the fundamentals well — and that’s what matters most in security.