Create new token


We are not able to generate new access token from rest api and getting below response.
What is “Invalid client app id” for okta?
“errorCode”: “E0000013”,
“errorSummary”: “Invalid client app id”,
“errorLink”: “E0000013”,
“errorId”: “oae_DI329iMR4SahCSlTS4nTQ”,
“errorCauses”: []


Can you post the full request and response? I can’t tell what request you are trying to make.


Hi Nate,

Thanks for the response.

We are trying to create Okta Token from Postman/SoapUI with below request.


curl -v -H “Content-type:application/json”
-H “Accept:application/json”
-X POST https://{yourOktaDomain}/api/v1/tokens/
“username”: "",
“password”: “SecretPass”,
“clientAppId”: “0oafu4nt03Pyew3uS0h7”,
“deviceName”: “Sample Device Name”

Expected Response :

“token”: “00F-MBcxD2SC8tzXDCDZm2a04qtXLcFqtlrrPu6eVtxRs”

But we are getting below response with error code.

“errorCode”: “E0000013”,
“errorSummary”: “Invalid client app id”,
“errorLink”: “E0000013”,
“errorId”: “oae_DI329iMR4SahCSlTS4nTQ”,
“errorCauses”: []


The API you’re using is deprecated.

It sounds like you are trying to get an access token for a user who is logging into your application. Is that correct? Can you give me more details about what your application does and who logs in to it?

The OAuth 2.0 Resource Owner Password flow is very similar to what you are trying to do:

POST https://{yourOktaDomain}/oauth2/default/v1/token
Accept: application/json
Authorization: Basic ...
Content-Type: application/x-www-form-urlencoded



Hi Nate,

Thank you for your support.
we have tried as you have suggested in above chain and got below response.

    "access_token": "eyJraWQiOiI4T3A2ajBoRGtXSTM5QUdQWFBHdTlDUjFfTzBaVGZDVzVDMV9adDFsd0xVIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULmhuMXRzVWZJLUMwQXRMX2xrZkJ1RExTMU54ZUNWOGJqTUZSVVVYMndNZ1kiLCJpc3MiOiJodHRwczovL2Rldi05NzQ5OTIub2t0YXByZXZpZXcuY29tL29hdXRoMi9kZWZhdWx0IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTUzMzg4Mjk0NywiZXhwIjoxNTMzODg2NTQ3LCJjaWdDAzUHlldzN1UzBoNyIsInNjcCI6WyJ3cml0ZSJdLCJzdWIiOiIwb2FmdTRudDAzUHlldzN1UzBoNyJ9.jk9gZ8vLYdvuoGK_J1KAE0LR1MXYCZwUv1R4FqGek9qdFZBYvMi_0buJLv-KwIvmbkw-J-tJvf8IrNHD7MliaQHwp5wjRzNwAXtRhmuY0Aq580jKwPEthbqYvZZGj3BsULisaMlFkk10M1bfQf9pUllNHeqX-ok6GVZ_n18Gn3mv164lUBJ1a5pCer9OX9JayKSlaL71j-f77_J-aeS2Z8XaYEwVhDQGJ03i-4ulXhdnZYEDhqXZNM_kVixRcyEJTH7uYAUCiaClrrlZI2vIDiDjO5kCB1_Ur4JKmY9J_fE1C_F8KNY5cuexZ9Sig06xm9cG5Mn_JHIR45g1I3-FPA",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "write"

But we are not able to create Custom Authorization server with below request. Will you please help us to Create Custom Authorization server.

curl -v -X POST \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: SSWS ${api_token}" \
-d '{ "name": "Sample Authorization Server",
      "description": "Sample Authorization Server description",
      "audiences": [
}' ""


Glad that worked! I’ll answer your question about creating a custom Authorization Server here: Authorization Server Creation Issue