Hi Okta team ,
We have a react app using auth code with pkce . When user is not assigned to an App they are getting an endless loop to /login/callback and /authorize endpoint with error “User is not assigned to an app” . I don’t understand why I’m getting the loop . This is causing Okta rate violation limit . Please help me with the issue below you have a screenshot of implementation what am I doing wrong ?
Hello,
It looks like your customAuthHandler checks if there is a previous authSate or if the user is not authenticated and does a redirect to login if not. If you have your secure route setup so that when a user accesses your application (/*) it checks for authentication and redirects if not.
Then when the user redirects back to Okta with the error your app page will reload, see the user is not authenticated and go through the loop again.
I suggest viewing the sample React Apps.
Thank You,
Hi Eric,
I have followed your React samples so it’s pretty much the same . The only thing that is different is the routing . I can’t do any modification on routing because the app is on production . Do you have any workaround solution for the above problem or I should create a meeting with your team ?
Thanks
Hello,
The behavior for OAuth applications is to redirect to the redirect_uri from the authorize call with the error message.
The recommendation would be to either update the application as soon as possible to either change the secure routing, or check for an error message and behave accordingly depending on the error without attempting another authorize call.
For now possible options would be:
Thank You,
Hi Eric,
Third option will work for our scenario .Thanks @Eric for you help ! You can close the thread
Thanks
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.
