Generate a refresh token for any user associated with my Okta application, based on the client and client secret

Gurinderpal · November 28, 2023, 6:18am

Hi!

I find myself in a situation where I need to provide a user with a refresh token upon their onboarding in our application.
To achieve this, I must adhere to the OAuth flow to obtain the authorization code. Utilizing this authorization code, I can then generate a refresh token through the /token endpoint.

My objective is to generate the authorization code using the client and client secret, given that I am the administrator of the application.

But I didn’t find any way in Okta.

Thanks,
Gurinderpal

andrea · November 28, 2023, 4:08pm

Only the user themself will only be able to receive user scoped tokens, as they will need to complete primary authentication and/or have an active Okta session to do so.

If your user has just been onboarding into your application, I would assume that means that they have been authenticated in someway. Are you not having the user authenticate into Okta at this time?

If so, your application would be able to request tokens on their behalf using auth code flow.

Post		Replies	Views
Authorize Endpoint does not return Refresh Token or Code Questions	2	6740	July 23, 2020
How to generate user specific token for server-server integration? OAuth/OIDC	8	649	June 4, 2024
How to get refresh token using an automated way? Questions	3	3346	January 26, 2024
Revoke endpoint OAuth/OIDC	5	3007	February 12, 2024
Okta.com/oauth2/v1/token issues OAuth/OIDC	20	2517	April 5, 2024

Generate a refresh token for any user associated with my Okta application, based on the client and client secret

Related topics