Hi,
I’ve found a few topics on this but they seem to reference code snippets that are not there and things appear to have changed and or are out of date.
We’re building a number of native applications which do not have browser components.
We figure our flow is like this:
- api/v1/authn (works)
- Detect Factor
- Activate Factor
- Verify Factor (and for push a poll to check status)
- /oauth2/v1/authorize/ Get Authorization Code + ID Token. (fails)
This is where we run into difficulty. Having configured our application as Native and having configured all the grant types we attempt an authorize:
/oauth2/v1/authorize?client_id=&response_type=code id_token&response_mode=fragment&scope=openid&redirect_uri=com.oktapreview.:/callback&state=moot&nonce=123123123232233232&sessionToken=
The issue is we then get a:
Identity Provider: Unknown
Error Code: invalid_request
Description: The 'redirect_uri' parameter must be a Login redirect URI in the client app settings: https://.oktapreview.com/admin/app/oidc_client/instance#tab-general%3C/h2%3E
We’ve lifted the generated the “Sign in redirect URIs” directly from Okta admin portal.
What are we missing?
Regards,