ahmed hassan
Hi Matt,
I wondering if the user after login wants to update his profile, like update his ( username, email , photo, etc… ) how can achieve this approach.
Matt Raible
This post shows you how you can use our Java SDK to change a user’s data. https://developer.okta.com/…
Yijing Lin
Hi Matt, We are using Angular SPA with Spring Boot Web Api, we did setup in Okta for Anuglar SPA application, Currently it fails after authentication on Spring boot API call. We are passing Bearer token in the header when we make spring boot api call. It return 401 unauthorized error. The error happens in Spring security configuration. I can see the bearer token passed in the header when we makes the api call. Are there any other configuration needs to be done or information needs to pass in the header. Any help will be really appreciated.
Notes: The clientId and issuer in application.properties are the same as Angular Application. SecurityConfiguration was added to Spring boot application.
Matt Raible
If you’re using your org’s authorization server, you cannot validate its JWTs outside of Okta. This guide explains the difference between authorization servers.
I recommend using the custom default one to get things going. You can always customize it or create a new one later.
spence
Why is async ngOnInit being used. Adding that can impact the lifecycle of ngOnInit, making it unpredictable.
Matt Raible
Because this.oktaAuth.isAuthenticated() returns a promise. You can rewrite it to not use async/await if you like.
spence
In my scenario I am loading FormGroup, sometimes multiple times. I can compensate by changing the FormGroup methods to async and adding await to them in the ngOnInit. Then adding *ngIf to the template where the form is being used. Is this ok? Are there issues with writing the code this way?
I do understand why you have to use the async ngOnInit since this.oktaAuth returns promises. In my case I am using await this.oktaAuth.getUser()
Matt Raible
IMO, if it works and it’s testable, it’s good enough! This Stack Overflow Q & A seems to confirm it’s OK.
Mehdi Mahjoub
Hi Matt,
I’m using a custom authorization server. I’m able to geta token using the front-end. however, the backend is blocked and getting this error: 401
WWW-Authenticate: Bearer error=“invalid_token”, error_description=“An error occurred while attempting to decode the Jwt: This aud claim is not equal to the configured audience”, error_uri="https://tools.ietf.org/html…"
What should be done to use a custom Auth server ?
Thank you for your help.
Matt Raible
What is the audience configured for your authorization server? If you’re not using the default api://default, you might need to configure your SDK to use your audience.
That’s why we recommend using the “default” authorization server for our tutorials - because everything is already setup for you. You can also easily create a new developer account with the default server and use that for learning/experimenting.
Tekoiu
Hi Matt,
I’m trying to build an app with angular and django.
Is it possible to use my custom login page without using a redirect to okta or okta sign-in widget?
Matt Raible
You can build your own login form using our Auth JS SDK. For Django, you might try using its OIDC support with Okta.
spence
Is there a Java version of this?
Matt Raible
If you use the versions specified in this tutorial, everything should work. You can also download the completed example from GitHub.