Authorize end point throws error "404". As far as I understand, in order to generate the SSO token for a user, the first step is to authenticate using username and password, get an authorization code and using that I should generate an SSO token?

When I try authorize endpoint, I get a “404” error.
https://dev-23258028.okta.com/oauth2/default/v1/authorize?client_id=0oa5be5krmAk3nas5d7&response_type=id_token&scope=openid&redirect_uri=http://localhost:8080/authorization-code/callback&state=state-296bc9a0-a2a2-4a57-be1a-d0e2fd9bb601")

Any help would be appreciated.

I’m seeing a 400 when I follow it. Can you make sure you copied your client id correctly? An invalid client_id can cause these unhelpful 400 errors.

Thank you for the response. Here is the client id:
client_id=0oa5be5krmAk3nVCN5d7

https://dev-23258028.okta.com/oauth2/default/v1/authorize?client_id=0oa5be5krmAk3nVCN5d7&response_type=id_token&scope=openid&redirect_uri=http://localhost:8080/authorization-code/callback&state=state-296bc9a0-a2a2-4a57-be1a-d0e2fd9bb601

Getting an error with that one:
http://localhost:8080/authorization-code/callback#state=state-296bc9a0-a2a2-4a57-be1a-d0e2fd9bb601&error=unsupported_response_type&error_description=The+response+type+is+not+supported+by+the+authorization+server.+Configured+response+types%3A+[code].

You’ll want to either enable Implicit grant - ID Token for the app in Okta OR switch your response_type to code to fix that error.

I have modified the response type with code and it didn’t work either. I am pretty new to Okta. I can get sessionToken from the ‘/authn’ end point. I also tried adding the session token to the request that I have made. It throws “404” again. I have added certain users to the application that I have integrated with Okta. Is there any other way that I can provide the authorization token to the users with their username and password?

If you’re getting a 404, that likely means your URL is incorrectly formatted. Might be worth trying to walk through our guide to see if following the steps laid out there works for you: Implement authorization by grant type | Okta Developer and Implement authorization by grant type | Okta Developer

Hi @akshaya if you’ve enabled the authorisation code flow, have you also enabled PKCE for your app? If so, those calls were missing the PKCE parameters. You may need to generate a code verifier, then add a code_challenge and code_challenge_method.

Has anyone found a solution for this issue?
Whatever I do, the 404 error is not going away.

Which URL are you getting a 404 from?

Hi @PrashantK, yep it would be good to see the URL after your changes.

A few things to check:

  • Do you have an access policy set up?
  • Does it have rules which allow the same grant types you’ve set up on the application?
  • If using PKCE, are you now sending code_challenge_method and code_challenge?
  • Is that redirect URI in your allowed Sign-in redirect URIs list for the app?