I am able to use Okta in my applications. However, when I try ti interact with Okta via Postman in order to automate test HTTP calls, then Okta responds with HTTP status 400, complaining about invalid / expires authorization codes. Any idea why this happening?
Happens about 80% of the time now. This never happened last month. This happens with dev-#####.okta.com servers. I know my Mac system clock is NTP synced, for what it’s worth.
So strange that this only happens with Postman, not with Chrome. Any idea?
When doing Authorization Code Flow, the authorization code can be used only once and will expire after 60 seconds if not used.
If this does not apply to your testing use-case, can you please check that you are using the same authorization server for both issuing the authorization code and exchanging the authorization code for JWT tokens?