Integrating okta-spring-boot re-directs me to a 404

I am trying to integrate okta-spring-boot into my existing Spring Boot application (using version 1.4.0) using my corporate okta instance and OpenID.

I can get the server to run, and when I visit localhost:8080, I get re-directed to my corporate okta, but it’s a 404 page.

The url of the 404 page is

404 error screenshot

Screen Shot 2022-08-16 at 4.28.56 PM

My looks like this


It seems like the issuer should be but the engineer I am working with on the corporate okta side says should work no problem.

Here is a look at my SpringSecurityConfig

public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/v1/info", "/v1/healthcheck", "/docs/**", "/metrics")

The lists the issuer as {“issuer”: “”}

Is there something I am doing wrong here? Thanks so much

Can you try using the latest version of our Spring Boot Starter (>= v2.0.0)?

I can’t easily upgrade my application to be able to use Spring Boot Starter (>= v2.0.0) so I ended up using this sample application : GitHub - okta-samples/okta-spring-boot-sample: Spring Boot + Okta

I am guessing maybe you think it could be an issue with anything < 2.0 version not supporting org auth?

The only thing I changed in the sample application was setting this in the


When I run the sample application with those properties I get this error when starting the server

Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'oauth2SecurityFilterChain' defined in class path resource [com/okta/spring/boot/oauth/OktaOAuth2AutoConfig$OAuth2SecurityFilterChainConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate []: Factory method 'oauth2SecurityFilterChain' threw exception; nested exception is java.lang.IllegalStateException: Spring Security only supports JWTs or Opaque Tokens, not both at the same time.

If I change the issuer to this


I can start the server and visit localhost:8080, which then redirects me to my corporate okta. I can login, and I get re-directed to localhost:8080 with this error being displayed

[access_denied] Policy evaluation failed for this request, please check the policy configurations.

Talking to my contact in my corp auth, it sounds like within their okta settings of

API → Authorization Servers

There are no entries.

Does there need to be something here for the whole flow to work for Spring Boot?

Thank you.