Get the access token from v1/authorize call

I am trying to get the access token or id token manually by calling my custom authorization server

however I am getting 302 not found with no repose which it is still successful but I am not seeing any response coming back from this call. then I see a call to the
https://{yourOktaDomain}/oauth2/{authServerId}/v1/keys API which in return I get the public key.

How can I obtain the access token or the actual JWT token from this call?

Hi @jelbatnigi

The details received depend on the values passed in response_type and response_mode query parameters on /authorize endpoint.

  • response_type

    • code - returns an authorization code that you need to exchange on /token endpoint for an access token and an ID token (optional also a refresh token)
    • id_token - returns an ID token
    • token - returns an access token
  • response_mode

    • fragment - returns the value from response_type as a fragment on the callback endpoint
    • form_post - returns the value from response_type as an HTTP POST on the callback endpoint
    • query - returns the value from response_type as query parameters on the callback endpoint
    • okta_post_message - this is used when having event listeners in order to avoid a redirect to Okta (you can find an example for this use-case here)

You can see the details sent easily also by checking the callback endpoint in the browser’s network logs.

Yes But how do I get that token from the redirect url? If I make a call the /authorize call pragmatically? also I cannot use Response_mode query if the Response_type is token or token_id.

Hi @jelbatnigi

In this case, you should be able to retrieve it from the query parameters on redirect_uri using either language built-in variables or methods (for example in PHP you can retrieve it directly from $_GET global variable) or through custom methods that parse the URL and retrieve the query parameters individually.