Summary:

I seem to be getting a “401 Unauthorized” status code when attempting to call the https://{oktadomain}/api/v1/authn API. My request body looks like this:

{
    "username": "user@company.com",
    "password": "password",
    "options": {
        "multiOptionalFactorEnroll": false,
        "warnBeforePasswordExpired": false
    }
}

I am not using any headers other than application/json.

Response:

{
    "errorCode":"E0000004",
    "errorSummary":"Authentication failed",
    "errorLink":"E0000004",
    "errorId":"oaeEiEKfmtHQpG4PfXZdXkJ8w",
    "errorCauses":[]
}

Details:

I am attempting to call the Okta API from within a C# .NET backend in order to create a user access token. This token would then be used to authenticate to some other APIs in order to allow us to expose business logic to a third-party. However, to do this, I first need to use primary authentication to get a session token as described by this guide:
https://support.okta.com/help/s/article/How-to-get-tokens-for-an-OIDC-application-without-a-browser-using-curlPostman?language=en_US

However, all attempts to successfully use primary authentication fails because I get back a “401 Unauthorized”, despite the account I am using working and is able to sign in using the same credentials in other applications.

I followed the instructions and examples as described in this guide to set up primary authentication:

The example it gives require no special headers and simply uses the username and password. Am I missing a step somewhere?

I figured it out. I was using the wrong corporate URL. For anyone running into a similar issue, you want your “CorpTenantDomain” URL.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.