Is it possible to create an application to gain token from another sub domain?

My use case is to create an application and gain access/refresh token with authorization code flow among users of any domain and any organization.

I try the code grant python sample from github and it fail with http status code 400.
I think it’s because the client_id/secret I used is not created under the same sub-domain.

So I am wondering if there’s possibility to achieve the case with current existed authorization grant flow ? Or the application we created could only be eligible for using with the users/groups defined under the same dev domain ?

Thanks !

Hi @mikechiu1012! I’d like to understand your setup a bit more. Do you have two different issuers/org domains and you are hoping to share access tokens between both?

Hi sigama, thanks for ur reply.

I’d like to understand your setup a bit more. Do you have two different issuers/org domains and you are hoping to share access tokens between both?

Yes, that’s what I did.

e.g. Imagine I am implementing the log collector service and want to create an application which could gain the token among users of different domains.
Usually I only have to create an application and request specific scopes and it’s done.
It seems not workable for Okta since the application I created is under my specific dev domain.

So I am just wondering if it’s possible to do so just like other cloud services does?
Thanks for your reply!

@mikechiu1012 thanks for clarifying. I have not seen this pattern used at Okta just yet. Currently, our samples use one issuer per app not multiple issuers per app. I invite you to share your use case on our Ideas Portal to https://ideas.okta.com/ - so we can get others to vote on it as well.

Hi sigama,

Thanks for your reply, I will wrap up more information before I post on Ideas Portal.
Thanks for your information :slight_smile: