Connecting Okta with Odoo using Oauth

Hello, I have a question regarding connecting with Odoo.

It is possible to setup a Oauth provider in Odoo. I would like to use Okta for this. However, the Odoo application in Okta does not provide support for this so I have to setup a new application.​

The problem I am facing is that for this setup, Okta is referencing to the documentation of Odoo (in this case). However Odoo does not have sufficient documentation about this. Because of that, I do not know where to find the endpoints necessary to setup this application.

Hopefully someone has experience with this and can help me out. Thanks in advance.​


I am not able to find specific information for this integration.
I assume you most likely would want to create an OIDC Web App in Okta.
This will give you the client_id / client_secret.

To get the endpoints needed by Odoo you can use your Orgs discovery endpoints.

For the Org Authorization Server it would be,

For a Custom Authorization Server it would be (if using the predefined default authorization server),

Differences between the authorization servers can be found here.

You most likely will need to experiment a bit to see if a custom authorization server is required and the scopes/claims the integration may need if it is not documented.

Hope that helps.

1 Like

Thanks for your help Eric!

I have used the links from my Org Authorization Server:

These are the same as I was using before. Am I making any mistakes in one of the endpoints?

In the system log, I get the error “unsupported_response_type” when trying to use the Okta widget in Odoo. I found somewhere on the Developer Forum that activating ‘implicit (hybrid)’ fixes this issue. However, this changes the error to ‘invalid_nonce’


When you test could you open the browsers dev console and select the network tab.
One of the calls will be to the /authorize endpoint.
If you could include the full request URL it would be helpful to know what Odoo is sending.

Thank You,{"d"%3A+"shadowzone"%2C+"p"%3A+4%2C+"r"%3A+""}


Okta requires a nonce value if the return type is token.
It looks like Odoo is not sending a nonce as part of the authorize parameters.

Is there an option in Odoo to either add a nonce if doing and implicit flow, or an option to do an authorization code flow instead?

1 Like

I have added an image with everything I can configure.


hey @jordy.pouwels It seems like odoo have a ticket open for something similar Oauth authentication uses Implicit Flow without nonce · Issue #63750 · odoo/odoo · GitHub.
You may need to extend some of odoo’s oauth addon libraries (odoo/addons/auth_oauth at 16.0 · odoo/odoo · GitHub) yourself to allow a generate a nonce value for the /authorize request and validate on the redirect back.

1 Like

Thank you Eric and dawoudt for the useful support. This is clearly a problem on the side of Odoo and I have opened a ticket with them to (hopefully) resolve this issue.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.