Hi, I am new at Okta.
What I am doing is trying the example downloaded from the Okta website.
I downloaded the code, updated the package, got the project built, and ran it locally as:
I can visit the hello API and get a result (this is easy).
However, I got stuck at the whoami API.
What I did to test this API:
- Using Postman: The Request URL is:
- Set the authorization:
Type: Bearer Token
Token: token code from the path: (ADMIN) Security - API - (Tabs) - Tokens - Create Token (copy the value from the first time created)
Sent the request in Postman.
Got 401 Unauthorized (SSL disabled)
The response headers show:
WWW-Authenticate: Bearer error="invalid_token"
Who can help with this? I have been struggling with this issue for 2 days ~
However, the whoami API
The token from Security > API > Tokens is not a Bearer token. It is an API management token used for Okta Management REST API calls.
For the sample application you are using you will need to do one of the OAuth2 Authorization flows in order to get an access_token to send to your resource server.
Authorization Flow Documentation
Okta core samples where you can run the resource server and one of the Okta FE samples in order to do the authorization code flow and get an access_token.
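A way to see the difference described in the reply above before sending the request, as an added example that is not part of the original posts or of the Okta samples. It assumes the resource server expects a JWT access token and checks its issuer, audience and expiry; the issuer, audience and token values are constructed placeholders, and the function names are hypothetical.

```python
import base64
import json
import time

# Constructed sample values (assumptions, not taken from the thread).
SAMPLE_ISSUER = "https://example.okta.com/oauth2/default"
SAMPLE_AUDIENCE = "api://default"
SAMPLE_API_TOKEN = "00constructed-admin-console-api-token"

def _decode_segment(segment):
    """Decode one base64url JWT segment into a dict, restoring padding."""
    padded = segment + "=" * (-len(segment) % 4)
    obj = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj

def make_sample_jwt(claims):
    """Build a constructed JWT-shaped string; the signature is filler."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"])

def diagnose_bearer_token(token, issuer, audience, now=None):
    """List reasons a resource server would reject the token.

    Inspection only: the signature is NOT verified, so an empty list
    means "plausible", never "valid".
    """
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a JWT: an Okta API token goes in 'Authorization: "
                "SSWS <token>' to Okta's management API, not in Bearer"]
    try:
        header, claims = _decode_segment(parts[0]), _decode_segment(parts[1])
    except ValueError:
        return ["segments are not base64url-encoded JSON objects"]
    problems = []
    if str(header.get("alg", "none")).lower() == "none":
        problems.append("unsigned token (alg=none)")
    if claims.get("iss") != issuer:
        problems.append("issuer mismatch: %r" % (claims.get("iss"),))
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        problems.append("audience mismatch: %r" % (aud,))
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("expired or missing exp")
    return problems
```

Run on the value copied from the admin console, it reports the first reason; run on an access_token from an authorization flow, it shows which claim the resource server would object to.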
Hi, thanks for your reply.
I have learnt successfully from the example of the Redirect Web project. I am able to log in and log out and get the profile from the example project.
However, I was expecting the example I mentioned above to show me how to use a token to visit an API without having a username and psw (no login is required). It seems that is not what I expected.
Thanks very much.