Generate a refresh token for any user associated with my Okta application, based on the client and client secret


I find myself in a situation where I need to provide a user with a refresh token upon their onboarding in our application.
To achieve this, I must adhere to the OAuth flow to obtain the authorization code. Utilizing this authorization code, I can then generate a refresh token through the /token endpoint.

My objective is to generate the authorization code using the client and client secret, given that I am the administrator of the application.

But I didn’t find any way in Okta.


1 Like

Only the user themself will only be able to receive user scoped tokens, as they will need to complete primary authentication and/or have an active Okta session to do so.

If your user has just been onboarding into your application, I would assume that means that they have been authenticated in someway. Are you not having the user authenticate into Okta at this time?

If so, your application would be able to request tokens on their behalf using auth code flow.