InvalidClient error when signing in with the mobile SDK

Hi,

  1. I have created a Web type Application on Okta with the Grant Type as “Authorization Code”.
  2. Set Sign-in redirect URI: com.franklinwh.oktaExample:/callback
  3. Cloned the okta-mobile-swift SDK and set the configuration items in the plist:
     issuer: https://dev-xxxxxxx.okta.com/oauth2/default
     clientId: 0oalwn1m520rmgQap5d7
     redirectUri: com.franklinwh.oktaExample:/callback
  4. Ran the WebSignIn (iOS) sample and signed in with user name and password.
  5. Got an error when exchanging the token in the OAuth2 SDK:
Printing description of result:
▿ Result<APIResponse<Token>, APIClientError>
  ▿ failure : APIClientError
    ▿ serverError : OAuth2ServerError
      - code : AuthFoundation.OAuth2ServerError.Code.invalidClient
      ▿ description : Optional<String>
        - some : "Client authentication failed. Either the client or the client credentials are invalid."
      - additionalValues : 0 elements

and the exchange request is:

▿ TokenRequest
  ▿ openIdConfiguration : OpenIdConfiguration
    ▿ jsonPayload : <AnyJSON: 0x600002628720>
    ▿ issuer : https://dev-xxxxxx.okta.com/oauth2/default
      - _url : https://dev-xxxxxx.okta.com/oauth2/default
      - _parseInfo : nil
      - _baseParseInfo : nil
    ▿ authorizationEndpoint : https://dev-xxxxxx.okta.com/oauth2/default/v1/authorize
      - _url : https://dev-xxxxxx.okta.com/oauth2/default/v1/authorize
      - _parseInfo : nil
      - _baseParseInfo : nil
    ▿ tokenEndpoint : https://dev-xxxxxx.okta.com/oauth2/default/v1/token
      - _url : https://dev-xxxxxx.okta.com/oauth2/default/v1/token
      - _parseInfo : nil
      - _baseParseInfo : nil
    ▿ jwksUri : https://dev-xxxxxx.okta.com/oauth2/default/v1/keys
      - _url : https://dev-xxxxxx.okta.com/oauth2/default/v1/keys
      - _parseInfo : nil
      - _baseParseInfo : nil
    ▿ responseTypesSupported : 6 elements
      - 0 : "code"
      - 1 : "id_token"
      - 2 : "code id_token"
      - 3 : "code token"
      - 4 : "id_token token"
      - 5 : "code id_token token"
    ▿ subjectTypesSupported : 1 element
      - 0 : "public"
    ▿ idTokenSigningAlgValuesSupported : 1 element
      - 0 : AuthFoundation.JWK.Algorithm.rs256
  ▿ clientConfiguration : <Configuration: 0x60000291c000>
  - redirectUri : "com.franklinwh.oktaExample:/callback"
  - grantType : AuthFoundation.GrantType.authorizationCode
  - grantValue : "TKK0occjSgGPYApUWHV-hOLgeFTEH1zMqoO3kdUsEOk"
  ▿ pkce : Optional<PKCE>
    ▿ some : PKCE
      - codeVerifier : "zoDNfllsZDiqvyFzkAlrUKg_4AL0NnxQO7Qx5qlyEDs"
      - codeChallenge : "a7XlE0B7U-fvjatUA90uUeg4JtyWUbjaSM6Yrs6r_Uw"
      - method : AuthFoundation.PKCE.Method.sha256
  ▿ nonce : Optional<String>
    - some : "DJhZW1UU5yX58Lp_FDI6yA"
  - maxAge : nil

So what’s the problem? You can check my application configuration by clientId: 0oalwn1m520rmgQap5d7

Can you try creating a Native app within Okta instead and ensure that its Client authentication is set to None and that the Require PKCE as additional verification is selected next to Proof Key for Code Exchange (PKCE) as depicted in my screenshot below? These are also the default options set when you create a Native OIDC app.
