While using the Okta API, from our QA environment, when attempting to log in to a QA website using Okta, we are receiving either one of the E0000011, or the E0000015 error, but this is a dev org.
If I connect to the remote QA database from my local environment, I can log in without any problems. So I know we have the connection parameters set correctly in the database.
I, and others, have verified our trusted origins are correct, that the client id is active and that the API key is not expired.
We have engaged our networking and server personnel to make sure nothing odd is happening on our servers.
The most frustrating thing about this is that it comes and goes. It doesn’t happen consistently.
The endpoint being called is “api/v1/users/{userId}?sessionToken={sessionToken}”
We also get one of those 2 errors when calling this endpoint from our QA environment : ‘oauth2/default/.well-known/oauth-authorization-server?client_id={clientId}’
It uses a client secret, client ID and API token.
To clarify, our code hasn’t changed in almost a year. So I am sure this is either an issue in our environment or with our Okta org.
If you are seeing the E0000015 error for this endpoint, it is likely because the org in question does NOT have the API Access Management license enabled which is required if you want to use a Custom Authorization Server, which the Default Authorization Server is
I don’t see any evidence in our API docs that this endpoint supports passing in a sessionToken request parameter. Why are you passing it a sessionToken?
But this is a Dev Org which includes the API Access Management license, right? And if it doesn’t, why has it worked for the last 3 years before this week?