OAuthError: The client is not authorized to use the provided grant type. Configured grant types

Questions OAuth/OIDC
1

-I don’t know why it doesn’t work when I launch it. I’m using Angular 17 stadalone combined with Okta-signin-widget. Can someone help me?

app.config.ts
import { ApplicationConfig, importProvidersFrom } from ‘@angular/core’;
import { provideRouter } from ‘@angular/router’;

import { routes } from ‘./app.routes’;
import { provideClientHydration } from ‘@angular/platform-browser’;
import { provideHttpClient } from ‘@angular/common/http’;
import { OKTA_CONFIG, OktaAuthConfigService } from ‘@okta/okta-angular’;
import { OktaAuthModule,OktaCallbackComponent } from’@okta/okta-angular’;
import { OktaAuth } from ‘@okta/okta-auth-js’;
import oicd_config from ‘./oicd_config’;

const oktaAuth= new OktaAuth(oicd_config.oidc);

export const appConfig: ApplicationConfig = {
providers: [provideRouter(routes), provideClientHydration(), provideHttpClient(),{provide:OKTA_CONFIG, useValue:{oktaAuth}},
importProvidersFrom(
OktaAuthModule
)],

// authParams là các thông số xác thực bổ sung được truyền vào trong yêu cầu xác thực tới Okta
//PKCE (Proof Key for Code Exchange) là bảo vệ mã xác thực (authorization code) khỏi việc bị lấy cắp trong quá trình chuyển giao giữa ứng dụng và máy chủ xác thực.
};

// oidc thường là một phần của cấu hình để sử dụng OpenID Connect (OIDC) để xác thực người dùng.
app.router.ts
import { RouterModule, Routes } from ‘@angular/router’;
import { ProductsListComponent } from ‘./components/products-list/products-list.component’;

import { ProductDetailsComponent } from ‘./components/product-details/product-details.component’;
import { CartDetailsComponent } from ‘./components/cart-details/cart-details.component’;
import { CheckoutComponent } from ‘./components/checkout/checkout.component’;
import { OktaAuthModule,OktaCallbackComponent,OKTA_CONFIG } from’@okta/okta-angular’;

import { LoginComponent } from ‘./components/login/login.component’;

export const routes: Routes = [
{path: ‘login/callback’,component:OktaCallbackComponent},
{path: ‘login’,component:LoginComponent},
{path: ‘search/:key’,component:ProductsListComponent},
{path: ‘products/:id’,component:ProductDetailsComponent},
{path: ‘category/:id’,component:ProductsListComponent},
{path: ‘category’,component:ProductsListComponent},
{path: ‘products’,component:ProductsListComponent},
{path: ‘cart-details’,component:CartDetailsComponent},
{path: ‘checkout’,component:CheckoutComponent},
{path: ‘’, redirectTo:‘/products’, pathMatch:‘full’},
{path: ‘**’,redirectTo:‘/products’, pathMatch:‘full’}
];
console.log(window);

export default{
oidc : {
clientId: ‘********’,
issuer: **********',
redirectUri: ‘http://localhost:4200/login/callback’,
pkce: true,

    scopes: ['openid', 'profile', 'email'] // Phạm vi truy cập

}
}

Screenshot 2024-04-22 220636
Screenshot 2024-04-22 2206361353×598 86.7 KB

2

Are you using an Okta Identity Engine org? If so, take a look at this article which walks through how to enable Interaction Code flow: Unauthorized Client Error Using Authorized Grant Type | Okta Help Center

3

Screenshot (490)
Screenshot (490)1920×660 88.7 KB

I still get the error. Is there a problem with my config.ts file?

4

Hi there @shirukento1 !

Welcome to the community.

At first glance, I don’t see anything out of place in your snippet of AppModule config, but I can’t see the oktaAuth instantiation.

I also can’t tell from the screenshot of the policies if your Okta application is configured for an SPA app using authorization code flow, but sometimes the info needed for troubleshooting isn’t appropriate to share on a public forum. :sweat_smile:

You may want to use our Angular Quickstart to check things out. I included the link to the repo in the response. You can download the code and replace the variables using your issuer and client ID to verify you can sign in. If not, an issue in the Okta application setup needs to be resolved, which may require more detailed conversations depending on your Okta account type.

To double-check Okta settings against a free developer account, you can create a new one by following the instructions in the Angular Quickstart ReadMe.

Let us know how it goes!

5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.