Upon trying to add the above scope to my default authorization server (in the scopes tab) I get an error message saying that the name is reserved. Where am I going wrong here? Without requesting the above scope I can log in fine. I’m just trying to read a Users API.
I tried to add the scope to the Authorization Server/Scopes tab but received the ‘reserved name’ error. Is there somewhere else I should be adding this?
Edit: It looks like I don’t have the full permissions and I was missing the Okta API Scopes tab for the application.
The OAuth for Okta scopes can be used only on the org authorization server (e.g. issuer set to https://yourOktaOrg.okta.com) which, in the example provided, is under ${Config.OktaBaseUrl}.
Also, the request needs to be Authorization Code flow instead of PKCE flow as described here, which would require a back-end server in order to successfully request the access token.
This pointed towards not having the scope available at all, and in the docs it states the recommended flow is Authorization Code flow rather than enforced (unless I’m missing something). Now about to try to authenticate via the backend server, however this is a bit more of a pain being an SPA.
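
The issuer constraint from the answer above, as an added example that is not part of the original thread or Okta's own code: a pre-flight check an SPA could run on its config before redirecting, flagging Okta API scopes requested against a custom authorization server such as `default`. The function names and the `okta.users.read` sample scope are assumptions for illustration; the thread does not name the scope.

```javascript
// Assumption: OAuth for Okta scopes carry the "okta." prefix (e.g. okta.users.read).
const OKTA_API_SCOPE_PREFIX = "okta.";

// The org authorization server's issuer is the bare org URL; custom servers
// (including the one named "default") have an issuer under /oauth2/{id}.
function classifyIssuer(issuer) {
  const url = new URL(issuer);
  const path = url.pathname.replace(/\/+$/, ""); // tolerate trailing slashes
  if (path === "") {
    return { kind: "org", authorizeUrl: `${url.origin}/oauth2/v1/authorize` };
  }
  const m = path.match(/^\/oauth2\/([^/]+)$/);
  if (m) {
    return { kind: "custom", id: m[1], authorizeUrl: `${url.origin}${path}/v1/authorize` };
  }
  return { kind: "unknown", authorizeUrl: null };
}

// Returns the list of configuration problems for a planned authorize request.
function checkScopeRequest(issuer, scopes) {
  const server = classifyIssuer(issuer);
  const apiScopes = scopes.filter((s) => s.startsWith(OKTA_API_SCOPE_PREFIX));
  const problems = [];
  if (server.kind === "unknown") {
    problems.push(`issuer ${issuer} is not a recognised Okta issuer form`);
  }
  if (apiScopes.length > 0 && server.kind !== "org") {
    const where = server.kind === "custom" ? `custom server "${server.id}"` : "this issuer";
    problems.push(`${apiScopes.join(", ")} must be requested from the org authorization server, not ${where}`);
  }
  return { ok: problems.length === 0, server, apiScopes, problems };
}

// Constructed sample configuration (placeholder org name from the thread).
const org = "https://yourOktaOrg.okta.com";
const requested = ["openid", "profile", "okta.users.read"];
console.log(checkScopeRequest(`${org}/oauth2/default`, requested)); // flagged
console.log(checkScopeRequest(org, requested));                      // ok
```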