Embedded Okta Signin Widget - To Catch the /authorize call error on client side

I am using the embedded Okta Sign-In Widget on the client side, like below:

var signIn = new OktaSignIn(
  {
    issuer: 'https://{yourOktaDomain}/oauth2/default',
    clientId: '{{clientId of your OIDC app}}',
    redirectUri: '{{redirectUri configured in OIDC app}}',
    // ....
  }
);

On submit of the form, the widget uses an /authn call (POST username and password) to post the credentials. After the /authn call, the widget makes an /authorize call.

Let's say /authorize fails for any reason: how can we catch the /authorize call error on the client side?
In my case /authorize fails and it stays on the Okta domain page (refer to the screenshot below).

What I want is that when the /authorize call fails, it should redirect to my login page and show the error on my login page.

Thanks

Looks like it says client_id=undefined in the /authorize request, which is causing this 400 error.

400 errors mean the /authorize request was invalid, primarily due to an invalid redirect_uri or client_id or an otherwise invalid request URI. Other errors will result in a 302 (per spec) and will be returned back to the application (to the redirect_uri), such as if the user is not assigned the application.

@andrea
I have purposely set the client ID to undefined.
What I want is this: if someone passes the wrong client_id or forgets to pass the client_id, how can we catch the error on the client side? If the /authorize call fails, it stays on the Okta domain URL.
My requirement is that if the /authorize call fails, it should redirect to my login page with an error mentioning the reason the /authorize call failed.
Let's say, for example, the user passes the wrong client ID: then via the /authorize call it should redirect to my application with an error mentioning “Invalid client ID”.
Is this possible with the embedded Okta Sign-In Widget?
Or is there any other way to validate the client_id?

Thanks

You can validate the client_id by checking the .well-known endpoint, à la https://oktaDomain/.well-known/openid-configuration?client_id=xxxxxx. If it's a valid Client ID, the metadata for that Authorization Server/client will come back.

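The two cases from the answers above, as an added example that is not part of the original thread: a pre-flight check of the client_id against the .well-known endpoint before the widget is created, and reading the error that /authorize returns to the redirect_uri in the 302 case. The function names are hypothetical, and treating any non-2xx discovery response as an invalid client ID is an assumption.

```javascript
// Added example (not from the thread). Function names are hypothetical.

// Discovery URL in the form given in the answer:
// <base>/.well-known/openid-configuration?client_id=...
function discoveryUrl(base, clientId) {
  return base.replace(/\/+$/, '') + '/.well-known/openid-configuration?client_id=' +
    encodeURIComponent(clientId);
}

// Pure decision step. Assumption: any non-2xx status, or a body without
// authorization_endpoint, means the client ID was not accepted.
function interpretDiscovery(status, body) {
  if (status < 200 || status > 299) {
    return { ok: false, reason: 'Invalid client ID (HTTP ' + status + ')' };
  }
  if (!body || typeof body.authorization_endpoint !== 'string') {
    return { ok: false, reason: 'Unexpected discovery response' };
  }
  return { ok: true, authorizationEndpoint: body.authorization_endpoint };
}

// Run before new OktaSignIn(...) so a bad client_id is reported on your own
// login page instead of ending on the 400 page. fetchImpl is injectable.
async function validateClientId(base, clientId, fetchImpl = fetch) {
  if (typeof clientId !== 'string' || clientId.trim() === '' || clientId === 'undefined') {
    return { ok: false, reason: 'client_id is missing' };
  }
  try {
    const res = await fetchImpl(discoveryUrl(base, clientId));
    const body = res.ok ? await res.json() : null;
    return interpretDiscovery(res.status, body);
  } catch (err) {
    return { ok: false, reason: 'Discovery request failed: ' + err.message };
  }
}

// Errors that /authorize does send back (the 302 case) arrive on redirect_uri
// as error / error_description, in the query string or the fragment.
// The values come from the URL, so display them as text, never as HTML.
function readAuthorizeError(callbackUrl) {
  const url = new URL(callbackUrl);
  const params = url.searchParams.has('error')
    ? url.searchParams
    : new URLSearchParams(url.hash.replace(/^#/, ''));
  const error = params.get('error');
  return error ? { error, description: params.get('error_description') || '' } : null;
}
```

Call validateClientId with the same Okta domain and client ID you pass to the widget, and call readAuthorizeError with window.location.href on the redirect_uri page.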

@andrea
It works. Thank you for the help.
I tried to find the endpoint, but had no luck. It's not mentioned in the Okta API documentation.
Where did you get this endpoint from? Would you please share the link?

It’s documented here, and the request example below that shows a client_id being passed in.

@andrea
Ahh! I was referring to the same doc, but I think I missed the endpoint.
Anyway! Thanks a lot for the help. :)
