Build a Simple Laravel App with Authentication

Krasimir Hristozov

Hi, this is OAuth, not SAML

khan aqib

Identity Provider: Unknown
Error Code: invalid_request
Description: The ‘redirect_uri’ parameter must be an absolute URI that is whitelisted in the client app settings.

How can I whitelist http://localhost:8000/? There is no setting when we create the app.

I updated all the settings as mentioned in the above blog post.

I checked this also, but I am not getting things.

https://support.okta.com/he…

Matt Raible

Are you sure you have an Okta developer account? You might have an IT Trial account, which is different.

khan aqib

I created a developer account last time, as discussed with Samir Kirouani. You can still check

https://dev-384583-admin.ok…

Matt Raible

You should be able to log in to your Okta developer account, go to Applications, select your app, and modify its login redirect URIs.

khan aqib

I am doing the same. You can check the screenshot also. I did a counter check with the env file also.

https://uploads.disquscdn.c…

khan aqib

Now I'm getting this error also. Method App\Http\Controllers\Auth\LoginController::showLoginForm does not exist.

In LoginController there is no such function as per the above blog post.

Matt Raible

According to this post, you should have http://localhost:8000/login/okta/callback for your Login redirect URI. You have http://localhost:8000/authorization-code/callback.
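
Added example (not part of the thread or of the original blog post): a PHP model of the redirect_uri check behind the `invalid_request` error above, assuming the authorization server compares the requested URI against the registered list by exact string match. The function name `redirectUriProblem` is hypothetical; the first two URIs come from the comments above, the other two are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Returns null when the requested redirect_uri is accepted, otherwise the reason
 * it is rejected. Assumption: exact string comparison against the registered list.
 */
function redirectUriProblem(string $requested, array $registered): ?string
{
    $parts = parse_url($requested);
    if ($parts === false || empty($parts['scheme']) || empty($parts['host'])) {
        return 'not an absolute URI';
    }
    if (isset($parts['fragment'])) {
        return 'must not contain a fragment';
    }
    if (in_array($requested, $registered, true)) {
        return null; // exact match: accepted
    }
    // Not accepted. Report whether a registered URI at least shares the origin,
    // which is the usual sign of a callback path typo rather than a wrong host.
    foreach ($registered as $candidate) {
        $c = parse_url($candidate);
        if ($c === false) {
            continue;
        }
        $sameOrigin = ($c['scheme'] ?? null) === $parts['scheme']
            && ($c['host'] ?? null) === $parts['host']
            && ($c['port'] ?? null) === ($parts['port'] ?? null);
        if ($sameOrigin) {
            return sprintf('same origin as "%s", but path or query differs', $candidate);
        }
    }
    return 'no registered URI shares this origin';
}

// Registered value and first two requests are the URIs quoted in the thread.
$registered = ['http://localhost:8000/authorization-code/callback'];
$requests = [
    'http://localhost:8000/login/okta/callback',
    'http://localhost:8000/authorization-code/callback',
    'http://localhost:8000/authorization-code/callback/', // constructed: trailing slash
    '/login/okta/callback',                               // constructed: relative URI
];
foreach ($requests as $uri) {
    printf("%-52s %s\n", $uri, redirectUriProblem($uri, $registered) ?? 'accepted');
}
```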

khan aqib

Thank you so much Matt Raible.

Can we control user groups to access multiple sites? I mean, each group can access its own site?

Matt Raible

Yes. You should be able to add a “groups” claim to your authorization server. I usually add it to my ID token. If you’re using a good framework (for example, Spring Security), it’ll automatically process the claim’s values into roles/authorities and you can then segment access based on that.

khan aqib

vendor/auth0/auth0-php/src/Auth0.php:263

When I log out from the domain test.domain.com, it showed invalid domain Auth0\SDK\Exception\CoreException

The rest is working fine.

Matt Raible

Why are you using Auth0’s SDK with Okta?

khan aqib

I installed it before for Passport, but later on we decided to go for the Okta service.

I have the same setup on another domain that is working fine. Logout is also working fine.

khan aqib

I removed auth from composer and updated the composer file. It worked fine.

adam rahmat

Hi, thank you for your guide. I’m able to log out from the app, but not from Okta. There’s no clear guide on how to log out. From the documentation, it has ${baseUrl}/v1/logout?id_token_hint=${id_token}, but where can I get this id_token_hint?

nalenb

I’m having a problem adding Okta to a Laravel 6 app. I went through all the steps above, created my developer account and was able to login. I then added https to the site locally and changed my urls in Okta to use my local https url of https://mysite.test. This all worked fine too, I could login and it allows me to work and test locally using https.

Then I changed my OKTA_* .env file values to be the real ones for the client I’m working on and it won’t complete the login. On my local machine I go to the local site https://mysite.test and it properly redirects to the Okta login page for my client. But once I log in, I get an error: cURL error 60: SSL certificate problem: unable to get local issuer certificate. I’ve researched every single Google link and tried every solution, but nothing gets me past this error.

I’ve tried this on Windows using Xampp and Laragon. I’ve also tried it on 2 different Macs using the default brew php, mysql, composer, laravel and valet (which uses nginx).

It’s working for my own developer account, but not the client’s account. Any ideas where I can look to resolve this?

Bilal Haidar

Integrating with OKTA as such is free of charge? So any user on OKTA can login to the app? Thanks

Matt Raible

Yes, you can create a developer account and get up to 1000 monthly active users for free. You can enable self registration and anyone can sign up.

Automica Canonical

Did you manage to work this out? I can see we’ve got a token when we log in, but when I try to use the same token to log out on the following
{{url}}/oauth2/v1/logout?id_token_hint={{id_token_hint}}
I get a JSON response with: “errorCode”: “invalid_client”,

Automica Canonical

@disqus_AfkvdNgkK1 How are you handling logout at Okta? What did you do to extend

public function logout()
{
    Auth::logout();
    return redirect('/');
}