I have an application with type ‘Service’. I was able to get the bearer token, but when trying to consume the API endpoint with the token, I am getting a 400 error - Description: Clients with ‘application_type’ of ‘service’ are not allowed to access the ‘authorize’ endpoint. Any way to avoid this?
Why would you need to hit /authorize if you got your token already?
I don't have to authorize the token. I just need to hit the AWS API endpoint (ELB) by passing the token. When I try to hit the API endpoint, it's happening in the backend and throwing the error -
Description: Clients with ‘application_type’ of ‘service’ are not allowed to access the ‘authorize’ endpoint.
I am trying to find sample code on how to pass the token and hit the API endpoint. The one that I have in Python is:
headers = {'accept': 'application/json',
           'Content-Type': 'application/json',
           'Authorization': 'Bearer ' + access_token}  # access_token generated by passing client credentials
Is this endpoint designed to support service applications? Do you know why it seems to be making an authorize request to request a token itself?
Might help to get a better idea of what your use case/goal and environment are to see what your options are.
The endpoint is AWS - ELB Load Balancer. According to AWS documentation, yes, it is designed to support service applications. The authentication method is OIDC.
My use case is machine-to-machine. I have a Lambda function in Python that gets something from a Snowflake database. The Lambda would be triggered from ELB.
ELB is the endpoint exposed to the internal client application, and I am trying to have Okta client credentials authentication in ELB.
@annamalai Please refer to this discussion.
You need to have API Access Management enabled in your org (API AM is not free if you use a production org) and create a custom server under Security >> API >> Authorization Servers.
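
An added example, not part of the thread and not Okta's or AWS's code: a client credentials token request against a custom authorization server, plus a bearer-token API call that does not follow redirects, so a redirect to an `authorize` endpoint is reported instead of surfacing as the 400 quoted above. The issuer URL, the scope name and the idea that the 400 comes from a followed redirect are assumptions.

```python
import base64
import urllib.error
import urllib.parse
import urllib.request

# Placeholder issuer URL: an assumption, not a value from the thread.
TOKEN_URL = "https://example.okta.com/oauth2/AUTH_SERVER_ID/v1/token"

def build_token_request(client_id, client_secret, scope, token_url=TOKEN_URL):
    """Client-credentials token request against a custom authorization server."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "client_credentials", "scope": scope}
    return urllib.request.Request(
        token_url, data=urllib.parse.urlencode(form).encode(), method="POST",
        headers={"Authorization": f"Basic {basic}",
                 "Content-Type": "application/x-www-form-urlencoded",
                 "Accept": "application/json"})

def build_api_request(api_url, access_token):
    """API call carrying the access token as a bearer credential."""
    return urllib.request.Request(api_url, headers={
        "Accept": "application/json",
        "Authorization": "Bearer " + access_token})

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface the 3xx as HTTPError instead of following it

def classify_response(status, location):
    """Label a response; flag redirects that point at an OIDC authorize endpoint."""
    if status in (301, 302, 303, 307, 308) and location:
        path = urllib.parse.urlsplit(location).path
        return "authorize-redirect" if path.endswith("/authorize") else "redirect"
    return "ok" if 200 <= status < 300 else "error"

def call_api(api_url, access_token):
    """Send the bearer request without following redirects and classify the result."""
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(build_api_request(api_url, access_token), timeout=10) as resp:
            return classify_response(resp.status, resp.headers.get("Location"))
    except urllib.error.HTTPError as err:
        return classify_response(err.code, err.headers.get("Location"))
```

A result of `authorize-redirect` from `call_api` means the endpoint is starting a browser-style login rather than accepting the bearer token.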