I have a server application, and the clients communicate with this server with a proprietary protocol which operates on TCP. It is not possible make any change to the existing client applications.
Currently the TCP connections are authenticated by the server application, with credentials stored in a database. I need to migrate user credentials to Okta from the database.
It appears that I can use Okta Authentication API in the server application to authenticate users. Also, none of the OAuth 2 flows or SAML doesn't seem to be suitable for my use case.
What is the best approach I can choose to use Okta to authenticate users in my user case?
If your server can see username/password in plain text, and can make http calls to Okta, then you can for sure use Okta for authentication. All you need is a call to /authn endpoint.
Make sure your password/mfa/authentication policies in Okta do not require 2FA and do not expire your password. Otherwise your server would need to be able to process responses from Okta, which would require MFA or change password