Fetching the User token

Questions OAuth/OIDC
1

I am trying to get the user token via Postman for the logged-in user: anurag.s.sinha@oracle.com. Tried with the below API.“https://dev-10159567.okta.com/oauth2/default/v1/token” but every time it ends up stating- {
“error”: “invalid_grant”,
“error_description”: “The authorization code is invalid or has expired.”
}

I have provided the grant_type, redirect_uri, client_id, client_secret and code. but still end up in the above error.
I am taking the code after I was logging in from the browser from the network API call and pasting it within 45 seconds.
Any help or information is appreciated. Thank you.

2

Any help is appreciated. Thank you.

3

Hi @harishdalmia can you test with this tool as well - https://oidcdebugger.com/ just to make sure it is not an issue with Postman.

4

Same 400 Bad Request.
Your request resulted in an error. The ‘redirect_uri’ parameter must be a Login redirect URI in the client app settings: okta-dev-10159567 - Sign In

5

Also after logging, i am getting the code in the browser but while using it, fails. same error

6

Hi @harishdalmia, thanks for sharing your sign-in link. Looks like you are requesting a code from the Okta Org Authorization Server - https://dev-10159567.okta.com instead of the Default Authorization Server that you mentioned (https://dev-10159567.okta.com/oauth2/default), when you initiated this post. Read about the differences here - Authorization servers | Okta Developer. The code will be considered invalid if you present it to the wrong authorization server’s token endpoint. Please confirm this is not the case. Also, I discuss common pitfalls with authorization servers here - https://www.youtube.com/watch?v=PASiA_2ChFU. Please let me know if this helps.

1 Like
7

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.