Okta Access Token Not Generated

Hi Team,

I followed the steps mentioned in doc - https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/

Section Create and sign the JWT → In this, For testing purposes, use this tool to generate and sign a JWT. This tool link is not working. I got work around with API call, I am able to generate the JWT token.

Section Get an access token → I am using JWT token to get access token but not getting the token. Getting ‘Bad Request’ in post main when executing via online curl runner (https://reqbin.com/curl) then getting ‘invalid_client’.

As per doc in this section, no client id required, could you please help me with the solutions?

I am trying to get token api rest api and use in subsequent rest api call. I need to validate the token, if valid then proceed else return error.

I will be happy if you can help me with API gateway integration doc along with above query.

Curl Command:

curl --location --request POST ‘url’ \

--header ‘Accept: application/json’ \

--header ‘Content-Type: application/x-www-form-urlencoded’ \

--data-urlencode ‘grant_type=client_credentials’ \

--data-urlencode ‘scope=okta.users.read’ \

--data-urlencode ‘client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer’

--data-urlencode ‘client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJodHRwczovL2ludGVncmF0b3ItMTc2MTI4OS5va3RhLmNvbS9vYXV0aDIvZGVmYXVsdC92MS90b2tlbiIsImlhdCI6MTc2MjE1NTc4MiwiZXhwIjoxNzYyMTU2MDgyLCJpc3MiOiIwb2F3djFyZ3I3TWFsOTJqWTY5NyIsInN1YiI6IjBvYXd2MXJncjdNYWw5MmpZNjk3IiwianRpIjoiMmI5YjY2YzQtODY0MS00MzNlLWExMmEtZGNiZjgwYTU3NzMwIn0.WAcjmVa8z1rYK_E5Feqw10fYkBd59chG1AxIVxyQ37MaMo31I6D-l6ux0IT9Oowa3HWcoLCUfCCdEd-Om9OlUiZnoADI_7diDGAaonCBCqPOI6_VKSsZVBLwcP1mFQhltnQTKkMcM6Mmy9-675llJWXXKvwCrVumOi0HzzzIRB6nKzac7HsxY5Apibv9xCgpkdyXpRG3PDroyww5rGymuKtGtmB59ha-EiXEiVJcXQ4PcCdEAf8tyxxV2gTkIRbeDDinBlV-MYWSmktPsNpH_fYMbwyy1zqPF_67UQq_yh11vSV_xWrkFJq9Vfzz8rP0H2k2s9L40OdeE4XvyQs61A’ \

--data-urlencode ‘client_id=0oawv1rgr7Mal92jY697’

If you are trying to implement the solution in the OAuth for Okta guide (so that you receive an Access Token that can be used against an Okta endpoint, such as /api/v1/users), make sure that you are setting the audience for your JWT as the OktaDomain/oauth2/v1/token endpoint and that you are sending your resulting JWT to the OktaDomain/oauth2/v1/token endpoint. When I inspected your client_assertion, I saw that you had instead set the audience value as OktaDomain/oauth2/default/v1/token

Hi Andrea,

Thank you for replying. I followed the steps mentioned in Implement OAuth for Okta with a service app | Okta Developer

Under Create and sign the JWT steps, we need to generate JWT via this tool link. This URL is not working so followed new steps to generate the JWT. This JWT will be used as client_assertion under Get an access token steps.

• client_assertion: The signed JWT. Paste the JWT that you signed in the Create and sign the JWT section.

I created JWT token based on private key followed Build a JWT for Client Authentication | Okta Developer . I got the JWT with this implementation.

When using JWT token as client_assertion under Get an access token steps. We are getting error ‘Bad Request’. Hope you understood my problem. I will be able to make call once i will get access token.

Please help on this. Please let me know any further clarification needed.

Note: Please follow the documents and match with my steps to understand better.

https://www.jsonwebtoken.dev/ ← you can’t access that site? Thats what I use to test this completing this flow manually

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.