Hi All,
I am trying to create some automation through an application APIs that has Okta authentication (oidc implemented with nginx+vouch).
I got sessionToken from /api/v1/authn
Got the code from /oauth2/v1/authorize
I got bearer token from /oauth2/v1/token
When I try to access my application’s API by sending a GET with header "Authorization: Bearer {Token}, My application redirects me to Okta login page.
I am stuck with it for a long time and couldn’t identify the issue.
Thanks in advance.
Hello,
We would need more details about your application and the backend end you are trying to access with the access token. From what you have provided my first thought, is the application API you are trying to access your own application or an Okta API? If it is your own API, are the URL paths you provided correct
/oauth2/v1/authorize
This would indicate that you are getting your tokens from the Org Authorization server and not a custom Authorization server. The access token minted from the Org Auth server can only be used to access Okta APIs, not your own APIs. More info on Auth server types can be found here.
If this is not the problem please provide more details about your application and the resource being accessed with the token.
Hi Erik,
Thanks for your response.
I am using Org Authorization server to get bearer tokens. (https://okta.company.com/oauth2/v1/authorize)
Using the bearer token as Authorization header, I am trying to access a application API that is behind the Okta authentication (https://app.company.com/api/list).
@knsankar Hi, if you are trying to get access token with code. Please refer the below doc
https://developer.okta.com/docs/guides/implement-auth-code/exchange-code-token/