How to get access token, working algorithm

Questions
1

Hi all,

I’m new here and I need your help :slight_smile:

I’ve searched through docs and threads like Get an access token manually for testing and I can’t get access token.
I’ve tried to construct the following uri and use browser:

https://dev-4942226.okta.com/oauth2/v1/authorize?client_id=<my_client_id>&response_type=token&response_mode=fragment&scope=okta.users.read&redirect_uri=http://localhost:5000/oidc/callback&nonce=UBGW&state=1234
My flask app is required to be running, but I get bad request errors anyway.

So, looks like access token connected to particular app that I’ve created, like client id/secret? So, it’s not kind of general password to account?
And what are the real working steps to get access token?
i.e.:

  1. curl <some_url> -d <some_payload>
  2. curl <some_another_url> -d <some_another_payload>

I tried to use debugging redirect uri and run again with browser:

Screenshot 2020-10-29 at 18.23.35
Screenshot 2020-10-29 at 18.23.351964×1484 179 KB

but it fails with the following error:
Screenshot 2020-10-29 at 18.23.18
Screenshot 2020-10-29 at 18.23.182540×1370 294 KB

2

Hi @Master_Sergius, you will need to go to the “Okta API Scopes” tab and allow your app to be granted the scope that you are trying to request (okta.users.read)

1 Like
3

Holy Moly! That worked, finally after many hours of googling and trying! Why it is so complicated and not obvious? Is there any working guide on okta site?

4

You can find guides on developer.okta.com, here is an guide walking through how to use OAuth Bearer tokens for Okta’s APIs https://developer.okta.com/docs/guides/implement-oauth-for-okta/overview/

5

Thank you. Btw, it turned out this access token which I got is not signed with JWK, why?

6

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.