Okta API- Resource owner password flow /token

Hi, I am trying to implement username password login on the defualt authorization server and get a token with /token endpoint. however i get this Error :
Bad request. Accept and/or Content-Type headers likely do not match supported values.

I am setting Accept header to application/json and content-type to application/x-www-form-urlencoded

this is the guide I was following:

My node.js code is here

axios.defaults.headers.common[‘authorization’] =
‘Basic ‘+ Buffer.from(provider.clientId+’:’+provider.clientSecret).toString(‘base64’);
axios.defaults.headers.common[‘accept’] = ‘application/json’;
axios.defaults.headers.common[‘content-type’] = ‘application/x-www-form-urlencoded’;

let body = {
  grant_type:'password',

  username: username,

  password: password,

  scope: 'openid profile email'
}

axios.post(host+'/oauth2/default/v1/token',body)

Any help would be appreciated, thanks :slight_smile:

Hi @ahmed,

Have you tried using curl or postman to make the request?
I have tested this flow using the postman collection and it works fine.

Try the curl request in this link and check if that works - https://developer.okta.com/authentication-guide/implementing-authentication/password#2-using-the-resource-owner-password-flow

The problem was with the body as its a javascript object, when i turned it to a string and added the params to it like a form it worked

1 Like

Hey @ahmed, I’m curious what your use case is. Why do you want to use the resource owner password grant here? Are you building a totally customized login form?

yes, I am building a custom form , where the credentials pass by my server before going to okta

Hey folks, I am new to Okta, having the same error here. But my case is using content-type:application/json, instead of x-www-form-urlencoded

Is Okta not supporting application/json at the moment ? Thanks in advance!

Hey @wayne! Can you post a new topic with some more details of what you are trying to do and the problem you are running into?

@nate.barbettini

thanks for the reply, I created a new one here:

@vijet I am trying to use the curl request mentioned at Implement authorization by grant type | Okta Developer

but i am getting below error, any idea on this.
{“error”:“invalid_grant”,“error_description”:“Resource owner password credentials authentication denied by sign on policy.”}

You have a response from @louie over here for this question: Okta resource owner password flow - #2 by louie