Getting 401 after using access token

Hi all,

I have created a Service Application in okta and custom authorization server.
Also created custom scope for the authorization server.

Later I did generate client assertion using following code snippet:

I used client assertion generated from the above snippet to generate access token. Please refer following screen for the postman request:

I have used the access token received from above request and performed rest request to get all the users.

I am getting 401 error.
Can anyone please let me know how to resolve this?

Note: I also tried to enter scope=okta.users.read while requesting the token. The error received was: “One or more scopes are not configured for the authorization server resource.” Therefore changed the scope to “custom” and retrieved the access token.

Regatds,
Gourav

Hi gourav, it looks like you’re using OAuth for Okta API with a custom authorization server but the Okta API scopes are not available for custom authorization servers.

According to https://developer.okta.com/docs/guides/implement-oauth-for-okta/request-access-token :

Only the Org Authorization Server can mint access tokens that contain Okta API scopes.