Flask Tutorial: Simple User Registration and Login

Thao Nguyen

I managed to get an access_token from the docs, but my cURL to /dashboard returned 302 Found, meaning I still need to log in via the login page to access the endpoint. Is there any other library that makes me logged in or authorized via cURL, not the UI?

Paul Varcoe

Use 127.0.0.1 instead of localhost in the Okta application settings area. Took me half a day to work this out.

Michael Robinson

I’m having this same issue and putting 127.0.0.1 in the settings didn’t fix it.
Edit: I fixed the 404 and am now getting the 400 error.

Paul Varcoe

Try 127.0.0.1:5000

Raghav

Unfortunately does not work. Same 404 error, what a waste of time!

Joël Franusic

Hi Raghav. Sorry about the issues you were running into. I was able to get the code in this blog post working after making two changes:

1: Removing the period (".") before the names in the url_for() functions
2: Changing app.config["SECRET_KEY"] to app.secret_key

Please make sure that your app.py looks like the one below:


```python
from flask import Flask, render_template, g, redirect, url_for
from flask_oidc import OpenIDConnect
from okta import UsersClient

app = Flask(__name__)
app.config["OIDC_CLIENT_SECRETS"] = "client_secrets.json"
# False only because the local development server runs over plain HTTP.
app.config["OIDC_COOKIE_SECURE"] = False
app.config["OIDC_CALLBACK_ROUTE"] = "/oidc/callback"
app.config["OIDC_SCOPES"] = ["openid", "email", "profile"]
# Placeholder value: replace with your own long random string.
app.secret_key = "0averylongrandomstring"
app.config["OIDC_ID_TOKEN_COOKIE_NAME"] = "oidc_token"
oidc = OpenIDConnect(app)
# Placeholder org URL (scheme included) and API token.
okta_client = UsersClient("https://dev-1234567.okta.com", "00yourtokenhere")


@app.before_request
def before_request():
    # Load the Okta user for the current session, if there is one.
    if oidc.user_loggedin:
        g.user = okta_client.get_user(oidc.user_getfield("sub"))
    else:
        g.user = None


@app.route("/")
def index():
    return render_template("index.html")


@app.route("/dashboard")
@oidc.require_login
def dashboard():
    return render_template("dashboard.html")


@app.route("/login")
@oidc.require_login
def login():
    return redirect(url_for("dashboard"))


@app.route("/logout")
def logout():
    oidc.logout()
    return redirect(url_for("index"))
```

Here is what the diff command shows as being different between these two files


— a/app.py
+++ b/app.py
@@ -7,10 +7,10 @@ app.config[“OIDC_CLIENT_SECRETS”] = “client_secrets.json"
app.config[“OIDC_COOKIE_SECURE”] = False
app.config[“OIDC_CALLBACK_ROUTE”] = “/oidc/callback"
app.config[“OIDC_SCOPES”] = [“openid”, “email”, “profile”]
-app.config[“SECRET_KEY”] = “{{ LONG_RANDOM_STRING }}”
+app.secret_key = “0averylongrandomstring"
app.config[“OIDC_ID_TOKEN_COOKIE_NAME”] = “oidc_token"
oidc = OpenIDConnect(app)
-okta_client = UsersClient(”{{ OKTA_ORG_URL }}”, “{{ OKTA_AUTH_TOKEN }}”)
+okta_client = UsersClient(“https://dev-1234567.okta.com”, “00yourtokenhere”)
@app.before_request
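Review bot: the two added lines put the Flask session key and the Okta API token into app.py as string literals (`app.secret_key = ...` and the second argument to `UsersClient(...)`), so anyone who fills in real values and commits this file publishes both secrets. Read them from environment variables or an untracked config file instead. The unchanged `OIDC_COOKIE_SECURE` line set to `False` in the context above also deserves a comment saying it is for local HTTP development only.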
@@ -35,10 +35,10 @@ def dashboard():
@app.route(”/login”)
@oidc.require_login
def login():
- return redirect(url_for(".dashboard"))
+ return redirect(url_for(“dashboard”))
@app.route("/logout")
def logout():
oidc.logout()
- return redirect(url_for(".index"))
+ return redirect(url_for(“index”))
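Review bot: both `url_for` calls in this hunk now use the bare endpoint names `dashboard` and `index`, which resolve only while those views are registered directly on `app`. A one-line comment saying so would help, because moving the views into a blueprint later would break the login and logout redirects unless the names gain the blueprint prefix.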

Christian Salway

This initially didn't work for me but I changed localhost to 127.0.0.1 throughout in Okta and in my local config and it worked.

Ayushi

I am getting the same error :( Did not find any resolution!

Ayushi

I was not having any issues in getting the app to run, but once I click on the Login/ Register link it gives me a status code of 404
Not Found The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.

Any solution to this? Could there be any setting on the Okta account that I am missing? I have added the additional redirect URI for login in the Okta Application. I even tried granting some scope permissions to my web app. No use.

Viktor Kessler

trying the code above but I got

from okta import UsersClient
ImportError: cannot import name 'UsersClient'

Is client obsolete?
I have okta 1.0.3

kaganirez

I am not sure if it's the same thing, but I ran into the same issue. If you installed using “pip install okta” it gives the import error you typed above.
Use specifically: “pip install okta==0.0.4” and it will solve your problem

Raghav

Thanks man. It works now. I did need to change “localhost” from everywhere to 127.0.0.1. I think, this tutorial really needs some updating. So many people have had trouble making it work but it should have worked easily.

For all that are having issues with 404 errors: I had the same issue when I first launched the application. The fix was adding https:// to ALL the org URLs used in the client_secrets.json file.

Hello. I hope this thread is still being looked at! I’ve been trying to get the Flask/Okta tutorial working, and am seeing an error - an Okta web page is displayed with the message “400 Bad Request your request resulted in an error” with a link to the Okta Home Page for my account.

The URI displayed in the browser is:

//dev-767676767.okta.com/oauth2/default/v1/authorize?client_id=68686868686-a5sv8s96bl31o0ngt5aok6di4budaidb.apps.googleusercontent.com&redirect_uri=http%3A%2F%2F192.168.254.45%3A5011%2Foidc%2Fcallback&scope=openid+email+profile&access_type=offline&response_type=code&state=eyJjc3JmX3Rva2VuIjogIlp2THE0blFCdDNhNXdINnFZdnlxTVlybnAzUkxCQ1dFIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk4eE9USXVNVFk0TGpJMU5DNDBOVG8xTURFeEwyeHZaMmx1SWcuUUJoZFNUWlZ0bXU5bWttQkZwQnZQckRCWnBXM0hydENaZVJkY05sY0pqMlpONVlOczNIQ3V5cXpWck5vUm9qTUhUWkdMQ2JMcmo3Mk83LUh0WUloYmcifQ%3D%3D

(I dummied up the domain part as well as the client id part…

Any guidance would be greatly appreciated.

AARRGGHHH!!!

Never mind. I discovered I was using the wrong ClientID/ClientSecret! I was using something from my Google Dev acct, and switched to the correct one from my Okta dev acct.

I don’t get the 400 error anymore.

Hey folks, for anyone in 2022 struggling with the 404 on login – make sure that the “org URL” you’re supplying to both Flask-OIDC and Okta client contains schema and not just the domain name (i.e. “https://dev-xxx.okta.com”)
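The three misconfigurations reported in this thread (a provider URL without https://, localhost versus 127.0.0.1 in the callback, and a client ID copied from the wrong provider) can be checked before starting the app. This is an added example, not code from the tutorial or from any poster; it assumes the `web`-keyed client_secrets.json layout that flask-oidc reads, and the function names, sample values and `dev-xxx` domain are placeholders.

```python
import json
from urllib.parse import urlsplit

URL_FIELDS = ("issuer", "auth_uri", "token_uri", "userinfo_uri")

def lint_client_secrets(raw_json, app_base_url):
    """Return findings for the misconfigurations reported in this thread."""
    web = json.loads(raw_json).get("web", {})
    findings = []
    # 404 on login: provider URLs given as a bare domain, without https://
    for field in URL_FIELDS:
        parts = urlsplit(web.get(field, ""))
        if parts.scheme != "https" or not parts.netloc:
            findings.append(f"{field}: not an absolute https:// URL")
    # localhost and 127.0.0.1 are different redirect URIs to the provider,
    # so the origin the browser uses must match a registered callback exactly.
    app = urlsplit(app_base_url)
    origins = [tuple(urlsplit(u)[:2]) for u in web.get("redirect_uris", [])]
    if (app.scheme, app.netloc) not in origins:
        findings.append(f"redirect_uris: no callback on {app.scheme}://{app.netloc}")
    # 400 Bad Request: client_id copied from a different provider's console
    issuer_host = urlsplit(web.get("issuer", "")).hostname or ""
    if (web.get("client_id", "").endswith(".apps.googleusercontent.com")
            and "google" not in issuer_host):
        findings.append("client_id: looks like a Google client ID, issuer is not Google")
    return findings

def _secrets(issuer, redirect, client_id):
    # Constructed sample data; every value is a placeholder.
    base = "https://dev-xxx.okta.com/oauth2/default/v1/"
    return json.dumps({"web": {
        "client_id": client_id, "client_secret": "placeholder",
        "issuer": issuer, "auth_uri": base + "authorize",
        "token_uri": base + "token", "userinfo_uri": base + "userinfo",
        "redirect_uris": [redirect]}})

BROKEN = _secrets("dev-xxx.okta.com/oauth2/default",
                  "http://localhost:5000/oidc/callback",
                  "0000-placeholder.apps.googleusercontent.com")
FIXED = _secrets("https://dev-xxx.okta.com/oauth2/default",
                 "http://127.0.0.1:5000/oidc/callback",
                 "0oaPLACEHOLDERclientid")

if __name__ == "__main__":
    for name, doc in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, lint_client_secrets(doc, "http://127.0.0.1:5000"))
```

The same origin also has to be listed as a login redirect URI in the Okta application settings, which this check cannot see.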

I am receiving Not Authorized error could you please help

  File "-/newvenv/lib/python3.9/site-packages/oauth2client/client.py", line 2089, in step2_exchange
    raise FlowExchangeError(error_msg)
oauth2client.client.FlowExchangeError: invalid_grantThe authorization code is invalid or has expired.

Hi @Jyothsna! Apologies for the delayed response. Can you tell me what versions of the following you are using?

Flask              
flask-oidc         
okta

I’m using the following, and it works for me:

Flask              3.0.0
flask-oidc         2.1.1
okta               0.0.4

Also, what does your callback URL route look like?