Hi there,
I have been following example of implementing implicit flow from here.
I’ve also taken an example of how to parse token from Vanilla JS example. Specifically this part:
if (oktaSignIn.token.hasTokensInUrl()) {
oktaSignIn.token.parseTokensFromUrl(
So when the request comes back from OKTA login page, i.e. https://dev-663739.oktapreview.com/oauth2/default/v1/authorize?client_id={client_id}}&response_type=token+id_token&scope=openid+email&redirect_uri={redirect_uri}&state={some_state_string}&nonce=ccDkLo1253ae
I get all correct query strings with values:
id_token={id_token_value…}
&access_token={access_token…}
&token_type=Bearer
&expires_in=3600
&scope=openid+email
&state={state}
But when I try to parse this with oktaSignIn.token.parseTokensFromUrl it ends up in throwing error:
name: “AuthSdkError”, message: “Unable to parse a token from the url”, errorCode: “INTERNAL”, errorSummary: “Unable to parse a token from the url”, errorLink: “INTERNAL”
One other note, if I just render widget on my site without redirecting to OKTA for login, then same code parses all tokens fine.
oktaSignIn.renderEl(
{ el: '#sign-in-container' },
function success(res) { },
function error(err) {
console.error(err);
}
);
Here is the full JS that I use:
var oktaSignIn = new OktaSignIn({
baseUrl: 'https://dev-663739.oktapreview.com',
clientId: '{client_id}',
redirectUri: '{redirect_uri}',
authParams: {
issuer: 'https://dev-663739.oktapreview.com/oauth2/default',
responseType: ['token', 'id_token'],
display: 'page'
}
});
if (oktaSignIn.token.hasTokensInUrl()) {
oktaSignIn.token.parseTokensFromUrl(
// If we get here, the user just logged in.
function success(res) {
var accessToken = res[0];
var idToken = res[1];
oktaSignIn.tokenManager.add("accessToken", accessToken);
oktaSignIn.tokenManager.add("idToken", idToken);
oktaSignIn.session.get(function (res) {
if (res.status === 'ACTIVE') {
// do something with active in user
}
});
},
function error(err) {
console.error(err);
}
);
} else {
oktaSignIn.session.get(function (res) {
// If we get here, the user is already signed in.
if (res.status === 'ACTIVE') {
// do something with active in user
}
// redirect to OKTA login page to sign in
//https://dev-663739.oktapreview.com/oauth2/default/v1/authorize?client_id={client_id}}&response_type=token+id_token&scope=openid+email&redirect_uri={redirect_uri}&state={some_state_string}&nonce=ccDkLo1253ae
});