Error 400 When Making Postman API Calls to Okta REST APIs Integrated with Microsoft ADFS (MFA)

I am creating Okta REST APIs with Postman, following the documentation at https://developer.okta.com/docs/reference/rest/*get-an-access-token-and-make-a-request.

However, when I attempt to call Get New Access Token, I receive a 400 Bad Request response.

My URL is:

“oauth2/default/v1/authorize?response_type=code&client_id=xxx&state=2&scope=okta.users.read&redirect_uri=xxx&code_challenge=xxx&code_challenge_method=S256”

There are no apparent errors in the System Log.


Please suggest a possible root cause.
Thanks

Remove /default from your request path. When requesting okta.* API scopes, you MUST use the Org Authorization Server and not a Custom Authorization Server. The ‘Default’ server you are trying to use is actually a Custom Authorization Server and is not the same thing as the Org Authorization Server.

More details in our docs here about how to Implement OAuth for Okta: Implement OAuth for Okta | Okta Developer

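The check described in the answer above, as an added example that is not part of the original thread or Okta's own code: it parses an authorize URL, reports whether it targets the Org Authorization Server or a Custom Authorization Server, and flags `okta.*` scopes requested from a custom one. The function name, the result fields and the `org.example.com` host are assumptions made for illustration.

```javascript
// Added example: pre-flight check for an Okta /authorize URL.
// The host and all parameter values in SAMPLE_URL are constructed placeholders.

// /oauth2/<authServerId>/v1/<endpoint> is a Custom Authorization Server
// (including the one named "default"). The Org Authorization Server has no
// id segment: /oauth2/v1/<endpoint>.
const CUSTOM_AS_PATH = /^\/oauth2\/([^/]+)\/v1\/(.+)$/;

function checkAuthorizeUrl(rawUrl) {
  const url = new URL(rawUrl);
  // searchParams decodes "+" and "%20", so scopes split cleanly on whitespace.
  const scopes = (url.searchParams.get("scope") || "").split(/\s+/).filter(Boolean);
  const oktaScopes = scopes.filter((s) => s.startsWith("okta."));
  const match = CUSTOM_AS_PATH.exec(url.pathname);

  const result = {
    authServer: match ? `custom:${match[1]}` : "org",
    oktaScopes,
    ok: true,
    problem: null,
    suggestedUrl: null,
  };

  // okta.* API scopes are only issued by the Org Authorization Server.
  if (match && oktaScopes.length > 0) {
    const fixed = new URL(url.href);
    fixed.pathname = `/oauth2/v1/${match[2]}`; // drop the server id segment
    result.ok = false;
    result.problem =
      `${oktaScopes.join(" ")} requested from Custom Authorization Server ` +
      `"${match[1]}"; use the Org Authorization Server instead`;
    result.suggestedUrl = fixed.href;
  }
  return result;
}

// Constructed sample mirroring the request in the question.
const SAMPLE_URL =
  "https://org.example.com/oauth2/default/v1/authorize?response_type=code" +
  "&client_id=xxx&state=2&scope=okta.users.read&redirect_uri=xxx" +
  "&code_challenge=xxx&code_challenge_method=S256";

console.log(checkAuthorizeUrl(SAMPLE_URL));
```

A custom server URL that requests only non-`okta.*` scopes (for example `openid`) passes the check, since the restriction applies to the `okta.*` API scopes.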