OAuthError: The client is not authorized to use the provided grant type. Configured grant types

shirukento1 · April 22, 2024, 3:43pm

-I don’t know why it doesn’t work when I launch it. I’m using Angular 17 stadalone combined with Okta-signin-widget. Can someone help me?

app.config.ts
import { ApplicationConfig, importProvidersFrom } from ‘@angular/core’;
import { provideRouter } from ‘@angular/router’;

import { routes } from ‘./app.routes’;
import { provideClientHydration } from ‘@angular/platform-browser’;
import { provideHttpClient } from ‘@angular/common/http’;
import { OKTA_CONFIG, OktaAuthConfigService } from ‘@okta/okta-angular’;
import { OktaAuthModule,OktaCallbackComponent } from’@okta/okta-angular’;
import { OktaAuth } from ‘@okta/okta-auth-js’;
import oicd_config from ‘./oicd_config’;

const oktaAuth= new OktaAuth(oicd_config.oidc);

export const appConfig: ApplicationConfig = {
providers: [provideRouter(routes), provideClientHydration(), provideHttpClient(),{provide:OKTA_CONFIG, useValue:{oktaAuth}},
importProvidersFrom(
OktaAuthModule
)],

// authParams là các thông số xác thực bổ sung được truyền vào trong yêu cầu xác thực tới Okta
//PKCE (Proof Key for Code Exchange) là bảo vệ mã xác thực (authorization code) khỏi việc bị lấy cắp trong quá trình chuyển giao giữa ứng dụng và máy chủ xác thực.
};

// oidc thường là một phần của cấu hình để sử dụng OpenID Connect (OIDC) để xác thực người dùng.
app.router.ts
import { RouterModule, Routes } from ‘@angular/router’;
import { ProductsListComponent } from ‘./components/products-list/products-list.component’;

import { ProductDetailsComponent } from ‘./components/product-details/product-details.component’;
import { CartDetailsComponent } from ‘./components/cart-details/cart-details.component’;
import { CheckoutComponent } from ‘./components/checkout/checkout.component’;
import { OktaAuthModule,OktaCallbackComponent,OKTA_CONFIG } from’@okta/okta-angular’;

import { LoginComponent } from ‘./components/login/login.component’;

export const routes: Routes = [
{path: ‘login/callback’,component:OktaCallbackComponent},
{path: ‘login’,component:LoginComponent},
{path: ‘search/:key’,component:ProductsListComponent},
{path: ‘products/:id’,component:ProductDetailsComponent},
{path: ‘category/:id’,component:ProductsListComponent},
{path: ‘category’,component:ProductsListComponent},
{path: ‘products’,component:ProductsListComponent},
{path: ‘cart-details’,component:CartDetailsComponent},
{path: ‘checkout’,component:CheckoutComponent},
{path: ‘’, redirectTo:‘/products’, pathMatch:‘full’},
{path: ‘**’,redirectTo:‘/products’, pathMatch:‘full’}
];
console.log(window);

export default{
oidc : {
clientId: ‘********’,
issuer: **********',
redirectUri: ‘http://localhost:4200/login/callback’,
pkce: true,

    scopes: ['openid', 'profile', 'email'] // Phạm vi truy cập

}
}

andrea · April 22, 2024, 3:45pm

Are you using an Okta Identity Engine org? If so, take a look at this article which walks through how to enable Interaction Code flow: Unauthorized Client Error Using Authorized Grant Type | Okta Help Center

shirukento1 · April 22, 2024, 4:09pm

I still get the error. Is there a problem with my config.ts file?

alisaduncan · April 23, 2024, 5:51pm

Hi there @shirukento1 !

Welcome to the community.

At first glance, I don’t see anything out of place in your snippet of AppModule config, but I can’t see the oktaAuth instantiation.

I also can’t tell from the screenshot of the policies if your Okta application is configured for an SPA app using authorization code flow, but sometimes the info needed for troubleshooting isn’t appropriate to share on a public forum.

You may want to use our Angular Quickstart to check things out. I included the link to the repo in the response. You can download the code and replace the variables using your issuer and client ID to verify you can sign in. If not, an issue in the Okta application setup needs to be resolved, which may require more detailed conversations depending on your Okta account type.

To double-check Okta settings against a free developer account, you can create a new one by following the instructions in the Angular Quickstart ReadMe.

Let us know how it goes!