Authorization Code grant with PKCE

Questions OAuth/OIDC
1

Hello,
I have downloaded the below github sample code for testing PKCE. And created application in okta with clientID and client auth as None and PKCE option selected as “Required PKCE as additional verification”.

How can I get the authorization code and exchange the code for tokens.

https://https://dev-123456.okta.com/oauth2/default/v1/authorize?client_id=0oacyditct9UPr123456&response_type=code&scope=openid&redirect_uri=http://localhost:3000/&state=state-8600b31f-52d1-4dca-987c-386e3d8967e9&code_challenge_method=S256&code_challenge=OWQzNWNjZjYwODNlNDc1ZGUzMTM1MmQ5OWZjNDBiY2QxNDA5MDc1NTgwNGI4YjZjNGQ5M2VlMDc2MDY0MWM5ZA==

Can someone help me how I can test this. I tried with postman it’s not working.

Thank you.

2

Have you tried following this guide: Implement authorization by grant type | Okta Developer?

3

Yes I tried this guide and not able to get the authorization code. If possible can you please share a sample code to test this.

Thank you.

4

The Authorize request should be made in the browser, because the user needs to complete primary authentication and get an Okta session to get a token back. If you make the authorize call that way, can you get the auth code (sent back to the redirect_uri)?

5

Thank you so much for your response. I did the Auth RQ through browser using redirect_uri. Now I am able to get the auth code in the browser. And using this auth code I am able to get the access_token using code_verifier.

6

How can I get the user role from an authenticated user? Im using nextauth for that and I’m getting the jwt successfully but no user role it’s available. Or should I request an api for that using the user Id? Which one? What api token should I use?

7

Can you open a new thread for this question?

8

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.