Hi,
I’m facing 403 error after my accessToken is expired and try to redirect to /login/callback, I’ve implemented some debug and console.log to check where was the issue:
After I go through the devTools>Application and delete all the cookie related at okta, my browser works fine.
What can I do to fix this issue? I’ve tried reloading, clean token, etc… and doesn’t work.
Environment::
“@okta/okta-angular”: “^5.0.0”,
“@okta/okta-auth-js”: “^5.10.0”,
Are you combining an Angular SPA with a backend that’s receiving the Access Tokens (where the 403 could logically come from)? What is causing the application to attempt to redirect to /login/callback instead of to a login route for the app to initiate a new OAuth flow?
Yes, I’m using backend to validate de token but after my token expired, I’m trying to redirect to my login page(callback is redirecting it) with redirect_uri.
Are you catching the error when the backend throws a 403 at all? Should be simple enough to do so and redirect users encountering the 403 back to your application’s login page (which should not be the same thing as the callback route).
It’s not too simple because when I catch the 403 I can’t delete the cookies and the Okta is handling the redirect route with params like this:
https://</url/>/login/callback?code=</code/>&state=VMhgbfDUIz68IegUoeJTWugdbr358V0rOvSI1DYOKxdoxlcAKXxdZNa8PKZ9h8wz
How can I stop this redirect with params though?
oh, so you’re seeing an authorization code sent back to the callback? I’m guessing you also see an /authorize request in the network events that lead to this redirect. This looks like we’re already trying to renew the tokens for the user.
Is the callback route able to make the /token request to exchange the authorization code for tokens? or is the last request to Okta you see an /authorize call?
Is the callback route, I’m using the OktaCallbackComponent to do it.
I’ve called /authorize when I login:
And then request to redirect:
I’ve tried to redirect to my login page but I always get the navigation by okta and then get 403
