evilpete
I added 2nd Login redirect URIs of “http://127.0.0.1:5000/oidc/callback” and it started to work.
the hint that this was the problem was the calling URL containing the error message having the string “redirect_uri=http%3A%2F%2F127.0.0.1%3A5000%2Foidc%2Fcallback” embeded in it
Bad Sum
Thanks for the info. Could you please share the example of fully logging out or point to where I can get further information? I looked up Okta Python SDK (https://developer.okta.com/…, but I could not figure it out from there.
Matt Raible
Hello Giuseppe,
Can you please post this question to our Okta Developer forums with more details? It’ll get more eyeballs on it there.
Matt Raible
To fully logout, you can hit the /logout endpoint with an ID token in the id_token_hint parameter. See our API docs for more information. You currently have to hit this URL from a browser, not from the server. I show how to do it (in Java) in this tutorial.
Yousef Shanawany
Hello. We completed this tutorial and got our application running with authentication working. However, users are logged out automatically sometimes and we don’t want this to happen. Is the timeout length set somewhere? How can we modify it?
Brett M
Hi Matt, is the ID Token retrievable from the okta python package or is this function something that a person would need to write themselves?
Matt Raible
I’m not sure as I haven’t used the Okta Python package. I’d suggest you open a new issue in its GitHub project and ask your question there.
Erik Akert
I did find that if you’re doing this on windows, using http://127.0.0.1:5000 instead of http://localhost:5000 fixes the redirect issue.
Jasbir B
Tried to create an application but it does not seem to try and authenticate the user. Clicking Log In/Register goes to the Okta login page. After you log in successfully, it returns
error=access_denied&error_description=User+is+not+assigned+to+the+client+application.
I tried to add the user through the Admin page, but that did not make a difference. There is no entry in the log.
Matt Raible
I would try assigning the “Everyone” group to your app and see if that fixes it.
Jasbir B
Thanks but tried that already
Jasbir B
I found that I made several errors while transcribing the code fragments in the article. Is this code available for download as a standalone application? That would really help reduce typo errors.
Gilad Katan
Awesome, it is working - but! only on localhost.
I tried now to change the configurations so it will work on my public website and it is not working.
I created a new application (in okta’s UI), filled my url instead of localhost:5000:
1. "Login redirect URIs ": "http://app.mywebsite.com/oi…"
2. “Initiate login URI”: "http://app.mywebsite.com/oi…"
I changed the client id, the secret and the redirect_uris within the json file with the new values and it is not working. I’m getting 500 Internal Server Error page.
What am I missing? Thanks!
Randall Degges
You also need to create a trusted origin in Okta’s UI.
Randall Degges
In this case, that must mean that your cookies are disappearing from the browser. You can change the cookie duration as well as many other settings by modifying the Flask-OIDC configs: https://flask-oidc.readthed…
Rykung
Ran into this issue with SSL TLS version after attempting okta login
https://www.codepile.net/pi…
Please help! thanks
Matt Raible
Did you figure out the problem or are you still having issues?
Asha Aher
When I click on login/Register it gives me 404 error, May I know what I am doing incorrect
Thao Nguyen
great tutorial. 1 question, if i don’t want to use UI, but use cURL to send request to protected endpoint with @oidc.require_login, i.e. /dashboard, what params do i need for the cURL request?
Matt Raible
You should just need to send an access token in an authorization header with a “Bearer “ prefix. For example:
curl -v -X POST -H “Authorization: Bearer ${access_token}”