It appears that i get the same response for a user that has the wrong credentials and a user that’s suspended. Both throw a 401 and no relating info as to distinguish between the two. How do I distinguish between the two?
I don’t think you will be able to distinguish between the 2 by just using the http error code.
One thing you could do is call the
Get User endpoint and check the status of the user - https://developer.okta.com/docs/reference/api/users/#get-user
For a suspended user, the status will be returned as
SUSPENDED, while for a user with wrong credentials who is not suspended, the status will be mostly be
You are correct. I was really hoping I missed something regarding the response. Looks like I didn’t. Thank you sir.