List users using token created from client credentials

Im referring to Implement authorization by grant type | Okta Developer
for token generation using client id and secret.
I made my custom authorization server and one custom scope as mentioned.
For access policy, I assigned it to all clients. I have users read granted for my app.
Now when I hit the list users API with generated token I receive 400 Bad Request.

Is something else is required other than this stuff?

Screenshot from 2024-04-05 00-30-13

Take a look a this guide that shows you how to use an API Services app to get an Access Token that you can use against Okta’s own APIs (like /api/v1/users): Implement OAuth for Okta with a service app | Okta Developer

Can you point out any gaps above. I also tried the mentioned link.

  1. You need to use the Org Authorization Server in order to be able to request and receive the schope
  2. You need to configure the API Services app you are using for private_key_jwt client authentication. You cannot request tokens from the Org Authorization server with an API Services app if its set to Client Secret auth.

The guide walks you through how to complete the flow with private_key_kwt client authentication, which was why I recommended it.

Ok sure.
Its just that I want to write a script over it and fetch the user and do some operations on them in my app.
So I thought of using Postman first to verify things.

Is there some alternative for above which covers my actual use case. I dont want to generate these keys in code but constrained to use client id and secret over ssws token.

What kind of script is this? If it helps, our Management SDKs (Python, Golang, NodeJs, Java, .NET) all support using OAuth for Okta and all you have to provide in their config is the private key itself. The SDK will be the one that actually generates a JWT and then requests a token from Okta

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.