How to get access token, working algorithm

Master_Sergius · October 29, 2020, 3:41pm

Hi all,

I’m new here and I need your help

I’ve searched through docs and threads like Get an access token manually for testing and I can’t get access token.
I’ve tried to construct the following uri and use browser:

https://dev-4942226.okta.com/oauth2/v1/authorize?client_id=<my_client_id>&response_type=token&response_mode=fragment&scope=okta.users.read&redirect_uri=http://localhost:5000/oidc/callback&nonce=UBGW&state=1234
My flask app is required to be running, but I get bad request errors anyway.

So, looks like access token connected to particular app that I’ve created, like client id/secret? So, it’s not kind of general password to account?
And what are the real working steps to get access token?
i.e.:

curl <some_url> -d <some_payload>
curl <some_another_url> -d <some_another_payload>

I tried to use debugging redirect uri and run again with browser:

but it fails with the following error:

dzeller · October 29, 2020, 4:40pm

Hi @Master_Sergius, you will need to go to the “Okta API Scopes” tab and allow your app to be granted the scope that you are trying to request (okta.users.read)

Master_Sergius · October 29, 2020, 4:45pm

Holy Moly! That worked, finally after many hours of googling and trying! Why it is so complicated and not obvious? Is there any working guide on okta site?

dzeller · October 29, 2020, 4:58pm

You can find guides on developer.okta.com, here is an guide walking through how to use OAuth Bearer tokens for Okta’s APIs https://developer.okta.com/docs/guides/implement-oauth-for-okta/overview/

Master_Sergius · October 29, 2020, 5:05pm

Thank you. Btw, it turned out this access token which I got is not signed with JWK, why?

system · October 30, 2020, 5:05pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.