Hi, I am trying to integrate Okta auth in Swagger using the OpenID Connect & OAuth 2.0 API provided by Okta. I am using FastAPI, so I am configuring the Swagger provided by it. Here is the config snippet:
The above snippet enables Okta to show auth options, but when I try to select the password option & enter my email & password, it gives the CORS error.
I have already added http://localhost:8000 & my Okta domain in the trusted origin, but I am still getting this CORS error. Can someone please help me?
What flow are you currently trying to complete this way? The /token endpoint does not support CORS if you are not completing Authorization Code flow with PKCE.
Actually, I am not sure about that. What I want is that registered users in Okta should be able to log in using their username & password. I had just added that /.well-known/oauth-authorization-server URL in the Swagger & it started to show me various login options in the popup, so I chose to use the username & password option.
So are you using resource owner password grant, where the username/password is getting sent directly to the /token endpoint? When I tried to complete that flow in the browser, I also got CORS errors, as expected.
Thanks for the reply. So how would you say I should integrate it with Swagger? I can’t find any resource on it on the Internet. I will be thankful to you if you can guide me here.
I’m not sure I understand how Swagger relates to what you’re doing. I can confirm that this call MUST be made from a server, and any tool that is able to make this API call should work.
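
The Authorization Code flow with PKCE named in the reply above, as an added example that is not part of the original thread: it builds the browser redirect and the later /token request, showing that the password never passes through the page's JavaScript. The issuer, client ID and redirect URI are assumed placeholders (the redirect path is FastAPI's default Swagger UI OAuth2 redirect page).

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Assumed placeholder values (not from the thread): replace with your own.
ISSUER = "https://example.okta.com/oauth2/default"
CLIENT_ID = "constructed-client-id"
REDIRECT_URI = "http://localhost:8000/docs/oauth2-redirect"


def new_code_verifier() -> str:
    """43-character URL-safe random string (RFC 7636 allows 43-128)."""
    return secrets.token_urlsafe(32)


def s256_challenge(code_verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(code_verifier)), padding stripped."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def authorize_url(code_verifier: str, state: str, scope: str = "openid") -> str:
    """URL the browser is redirected to; the user signs in on Okta's page."""
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": scope,
        "redirect_uri": REDIRECT_URI,
        "state": state,
        "code_challenge": s256_challenge(code_verifier),
        "code_challenge_method": "S256",
    })
    return f"{ISSUER}/v1/authorize?{query}"


def token_request_body(code: str, code_verifier: str) -> dict:
    """Form fields for POST {ISSUER}/v1/token: no password, no client secret."""
    return {
        "grant_type": "authorization_code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "code": code,
        "code_verifier": code_verifier,
    }


if __name__ == "__main__":
    verifier = new_code_verifier()
    print(authorize_url(verifier, state=secrets.token_urlsafe(16)))
```

The verifier stays in the client until the /token call, so an intercepted authorization code cannot be redeemed without it.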