Hi Team,
Okta is requesting the JWT, and the system is giving the response in this format:
{
  "access_token": "eyJraWQiOiJiN2RlMDk3Mi…37Lpw",
  "refresh_token": "eyJraWQiO…37Lpw",
  "scope": "openid profile",
  "state": "U3FFeERpS0l2OGZH…tjeWtWOGxOOA",
  "token_type": "Bearer",
  "expires_in": 172800
}
Here the JWT is included in the “access_token” key. But after the JWT call, Okta should call the JWKS endpoint. But that is not happening. I have confirmed this from my server side.
In the Okta system log, an “invalid_state” error is coming. It is a generic error. We are not able to see what exactly is happening on the Okta side when we respond with that response. No error is coming on our server side after sending the response.
The “invalid_state” error is coming in the Okta logs.
What may be the reason for this?
Is the response structure wrong? We are just sending that response in JSON form.
Do we need to send anything else with the response other than the JSON response?
I hope someone will help us to rectify this issue.