IDX20804: Unable to retrieve document from: '[PII is hidden]'

Questions OAuth/OIDC
1

Good afternoon everyone.

So, when I’m using of my developer account, the application works properly, following this tutorial: http://www.macaalay.com/2018/10/11/adding-okta-authentication-with-your-mvc-application-is-easy/

But when I change the configuration to use our payed domain, I got the error:

[HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).]
System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +211
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +720

[IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden]’.]
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +1167
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.IdentityModel.Protocols.OpenIdConnect.d__3.MoveNext() +388
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +865

[InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’.]
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +1570
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.OpenIdConnect.d__c.MoveNext() +706
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__40.MoveNext() +349
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__39.MoveNext() +447
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__34.MoveNext() +196
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +929
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +735
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Mapping.d__3.MoveNext() +825
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +117
System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +225
System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +159

I saw some similar questions here on forum, but none of them resolved my problem.
There is some option that I need to enable?

Both domains have the same application configuration, same CORS/Redirects…

Any idea?

Thanks.

2

Hi @lucaslorensetti

Can you please open a support case with us by sending an email to developers@okta.com to have this further investigated?

3

Good afternoon.

So, with Dragos help, we found the root of issue.

When we’re using a Developer account, we’ve a Authorization Server with the name “default” (you can check under Security > API > Authorization Servers.

As you can see here https://github.com/okta/okta-aspnet/blob/c88b2ecce4bb006adcb3f095a5af0a1b73142d5a/Okta.AspNet.Abstractions/OktaWebOptions.cs#L12 by default the Okta.AspNet nuget package use that if we don’t set some value.

The okta non developer domains doesn’t have that Authorization Server option enabled by default, so, also we don’t have the “default” Authorization Server.

That means if you’re using the developer domain, you can left the default value if you want, otherwise should be null when we setup the “UseOkta” on Owin Startup.cs.

That’s all. Thanks.

1 Like
4

Hi Dragos,

Mine is also a similar case When connected to the public okta application works well.
But while connecting to the non public okta I am getting the below error.
[InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’.]
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +1211
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.OpenIdConnect.d__8.MoveNext() +547
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__40.MoveNext() +349
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__39.MoveNext() +447
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__34.MoveNext() +196
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +929
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__7.MoveNext() +197
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +735
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__7.MoveNext() +197
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +60
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__12.MoveNext() +192
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +31
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +117
System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +225
System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +159

Thanks.

5

Hi @Pooja

Can you please send an email to developers@okta.com to further investigate this issue?

6

Pooja, did you find a solution to this problem? I am also stuck at the same issue.

7

Hi Team,

Need help, My app works well with Okta Developer but when I use it with company OKTA by chaining only the application id , pass and

[HttpRequestException: Response status code does not indicate success: 401 (Unauthorized).]
System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode() +94579
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +375

[IOException: IDX20804: Unable to retrieve document from: ‘[PII is hidden]’.]
Microsoft.IdentityModel.Protocols.d__8.MoveNext() +662
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.IdentityModel.Protocols.OpenIdConnect.d__3.MoveNext() +291
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task) +26
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +1129

[InvalidOperationException: IDX20803: Unable to obtain configuration from: ‘[PII is hidden]’.]
Microsoft.IdentityModel.Protocols.d__24.MoveNext() +1586
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.OpenIdConnect.d__10.MoveNext() +431
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__40.MoveNext() +272
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__39.MoveNext() +271
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__34.MoveNext() +158
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +659
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__7.MoveNext() +179
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +519
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Security.Infrastructure.d__5.MoveNext() +519
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__7.MoveNext() +179
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +102
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +64
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.d__12.MoveNext() +180
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.StageAsyncResult.End(IAsyncResult ar) +69
Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContext.EndFinalWork(IAsyncResult ar) +64
System.Web.AsyncEventExecutionStep.InvokeEndHandler(IAsyncResult ar) +165
System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +9930149

8

Any help please. I have been stuck with this road block for a week now.

9

We also encountered this issue while following the guide.
For anyone still looking for a solution, just remove the “/ouath2/default” string from the Authority section of Startup.cs's Configure section.

10

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.