App Embed Link returning 401

Hi, Ive been googling/stackoverflowing all day. what do I need to get the App Embed link to work? What grant types or what setting am I missing ? Any guidance would be greatly appreciated.
Here are my settings in my dev account.

You may want to check out this guide that talks about the “OIDC Compliant” option and how to configure your application: Develop a Custom OpenID Connect Application that Can Support SSO when Launched from the Okta Dashboard | Okta Help Center

Hi thank you for your reply, but as you can see in my initial screen shots (the 2nd screen shot), that is already set to “Redirect to app to initiate login (OIDC Compliant)”. Any other places to look? Ive checked all the areas and cant find anything standing out to block this.

That you are getting a 401 after following the App Embed Link makes me wonder if you’re just running into an issue with the username/password you’re providing.

Can you otherwise log directly into the same Okta org with these credentials? Is this issue specific to the application in question? Are you able to share which endpoint is returning a 401 (check Developer Tools → Network tab for details)?

1 Like

these credentials are the admin account creds for my account so they should be working fine.

I hate to ask the obvious, but is the user you’re attempting to login as assigned the application in question?

I wasnt but then I added that user to the app but still getting the 401 in the javascript console at the fetchRequest.ts line 72.
When adding that user to the app, I got the following error: “It is not possible to assign users to an AppInstance that has Federation Broker Mode enabled”. So I disabled that and saved the user to the app. and tried again and still 401 error.

Can you also double check that your user is in ACTIVE status? You can encounter a 401 like this if the user is still in a different status that prevents them from logging in

i tried changing my password for 2 different users and no emails to reset the passwords ever came in after 30min still and its just stuck in password reset mode and not Active.

ok, I found the reset all password option and did that, got the reset email and now im able to login.
Not sure how to get the user profile now, theres only an iss querystring returned. if you have a direct link to the dev documents with the next steps, I will move on. thanks for your assistance.

1 Like

When using the “OIDC Compliant” option, your application will still need to initiate an /authorize request to log the user into your app, Okta will not do so for you (this is to align with the OIDC spec for Third-Party Initiated Logins). There’s some more info and ways you can implement this in your app here: Develop a Custom OpenID Connect Application that can Support SSO when Launched from the Okta Dashboard

Once the flow is completed, you will get tokens back and can decode the ID Token and/or make a request to Userinfo to get the user’s profile information