Issues in getting the access token

Questions OAuth/OIDC
1

Hi All,

I am trying to implement a simple flow;

  1. A backend Java application shall make a POST call to obtain the access token.
  2. The access token shall be validated against the okta server.

There is no web interface for this application.

I have created an Okta client application. Here are the details:

{
“client_id”: “XXXXXXXXXX”,
“client_secret”: “XXXXXXXXXXXXX”,
“client_id_issued_at”: 1542128025,
“client_secret_expires_at”: 0,
“client_name”: “Lorem Ipsum”,
“client_uri”: “http://localhost”,
“logo_uri”: “http://localhost/logo.png”,
“redirect_uris”: [
http://localhost/oauth2/redirectUri
],
“post_logout_redirect_uris”: [
http://localhost/oauth2/postLogoutRedirectUri
],
“response_types”: [
“code”,
“id_token”,
“token”
],
“grant_types”: [
“authorization_code”,
“refresh_token”,
“implicit”
],
“initiate_login_uri”: “http://localhost/oauth2/login”,
“token_endpoint_auth_method”: “client_secret_post”,
“application_type”: “web”
}

When i request for an access token, i am redirected to a url (localhost?access_token=XXXXX). Since I don’t have a web interface, i would like to get a JSON response so that i can easily extract the access_token and validate it using the introspection REST call.

Also, please suggest an example REST call for token validation.

Please suggest a suitable approach for this.

2

Hey @adobedemoindia!

I strongly suggest using a library that handles all of the OAuth2 logic for you. There are a handful of great libs, (both in the Spring and non-Spring ecosystems). What does your stack look like maybe we can suggest something specific?

-Brian

3

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.