I want to create an OAuth 2.0 client application using Postman

I tried to create the client application by following this link (using an API token):

https://developer.okta.com/docs/reference/api/apps/#add-oauth-2-0-client-application

It did not allow me to create the application; in fact, it gave me an error like “Resource not found”.

{
    "errorCode": "E0000007",
    "errorSummary": "Not found: Resource not found: Sample Client App - Through API (App)",
    "errorLink": "E0000007",
    "errorId": "oae8GtOhEVbTr64_55Ma–tCw",
    "errorCauses":
}

Please help if anyone has come across such a requirement.

Hi there! I recommend checking out Okta’s Postman collection(s). There’s an Apps API-specific collection you can use to test: Postman Collections | Okta Developer

Hello pgosai,

In Postman you can export a call to various code </> including cURL. Could you do that and supply the call? Make sure you don’t supply your actual API token when posting the cURL call.
A guess would be that you are accidentally doing a GET instead of a POST, but I would need to see the entire command to know for sure.

Yes, I have followed that and used their collection. But when creating the app, it gives this error response.

curl --location --request POST 'https://dev-{actual url}.okta.com/api/v1/apps' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: SSWS {API token}' \
--data-raw '{
    "name": "Sample Client App - Through API",
    "label": "Sample Client App",
    "signOnMode": "OPENID_CONNECT",
    "credentials": {
      "oauthClient": {
        "token_endpoint_auth_method": "client_secret_post"
      }
    },
    "profile": {
        "label": "Sample Client App"
    },
    "settings": {
      "oauthClient": {
        "consent_method": "REQUIRED",
        "client_uri": "http://localhost:8080",
        "logo_uri": "http://developer.okta.com/assets/images/logo-new.png",
        "redirect_uris": [
          "https://{actual url}/signin-oidc-okta"
        ],
        "post_logout_redirect_uris": [
          "https://{actual url}/signout-callback-oidc"
        ],
        "response_types": [
          "token",
          "id_token",
          "code"
        ],
        "grant_types": [
          "authorization_code"
        ],
        "application_type": "web"
      }
    }
}'

Here are the full call details. I have imported the collection that Okta provides, so the call is a POST call; I am not sure what else is wrong in this.

The call mostly looks ok. The one thing that sticks out is for grant_types you only have “authorization_code”. Since your response_types includes “id_token”/“token” you would also need to add “implicit” to your grant_types. If you do not want to support “implicit” you would need to set response_types to only contain “code”.

Below is a working call I tested for comparison.

curl --location --request POST 'https://{DOMAIN}.okta.com/api/v1/apps' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: SSWS 001...' \
--data-raw '{
    "name": "oidc_client",
    "label": "AFF Test",
    "signOnMode": "OPENID_CONNECT",
    "credentials": {
      "oauthClient": {
        "token_endpoint_auth_method": "client_secret_post"
      }
    },
    "profile": {
        "appid": "APP-43",
        "label": "AFF Test"
    },
    "settings": {
      "oauthClient": {
        "client_uri": "http://localhost:8080",
        "logo_uri": "http://developer.okta.com/assets/images/logo-new.png",
        "redirect_uris": [
          "https://example.com/oauth2/callback",
          "myapp://callback"
        ],
        "response_types": [
          "token",
          "id_token",
          "code"
        ],
        "grant_types": [
          "authorization_code",
          "implicit"
        ],
        "application_type": "web"
      }
    }
}'
1 Like
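
As an added example (not part of the thread and not Okta's code), a pre-flight check that applies the response_types/grant_types rule from the answer above to the request body from the question before it is sent. The function names are hypothetical, and the `name` check is an assumption drawn from the working call, which uses `oidc_client`.

```python
import copy

# response_type -> grant_type it depends on (the rule stated in the answer above)
REQUIRED_GRANT = {"code": "authorization_code", "token": "implicit", "id_token": "implicit"}


def check_oidc_app(body):
    """Return a list of problems in a POST /api/v1/apps body for an OIDC app."""
    problems = []
    # Assumption, as in the working call above: OIDC apps use the fixed name
    # "oidc_client"; the display name goes in "label".
    if body.get("signOnMode") == "OPENID_CONNECT" and body.get("name") != "oidc_client":
        problems.append('name should be "oidc_client", got %r' % body.get("name"))
    client = body.get("settings", {}).get("oauthClient", {})
    grants = set(client.get("grant_types", []))
    for rtype in client.get("response_types", []):
        needed = REQUIRED_GRANT.get(rtype)
        if needed is None:
            problems.append("unrecognised response_type %r" % rtype)
        elif needed not in grants:
            problems.append("response_type %r needs grant_type %r" % (rtype, needed))
    return problems


def restrict_to_granted(body):
    """Copy of body keeping only response_types whose grant is already listed,
    i.e. the 'do not enable implicit' option from the answer."""
    fixed = copy.deepcopy(body)
    client = fixed["settings"]["oauthClient"]
    grants = set(client.get("grant_types", []))
    client["response_types"] = [
        r for r in client.get("response_types", []) if REQUIRED_GRANT.get(r) in grants
    ]
    return fixed


# Relevant fields of the request body from the question (other fields omitted).
ASKER_BODY = {
    "name": "Sample Client App - Through API",
    "label": "Sample Client App",
    "signOnMode": "OPENID_CONNECT",
    "settings": {"oauthClient": {
        "response_types": ["token", "id_token", "code"],
        "grant_types": ["authorization_code"],
        "application_type": "web",
    }},
}

if __name__ == "__main__":
    for line in check_oidc_app(ASKER_BODY):
        print("before:", line)
    for line in check_oidc_app(restrict_to_granted(ASKER_BODY)):
        print("after: ", line)
```

Restricting `response_types` to `code` keeps tokens off the redirect URL, which is the option to prefer for a `web` application unless the implicit flow is actually needed.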