Okta Developer Community

OKTA authorization Server issue

Questions OAuth/OIDC

susanayr August 14, 2018, 11:43pm 1

Hello,

I am implementing a OIDC implicit flow application and running into issues with Authorization Server configuration.

During my development, I used the default custom authorization server (https://dev-xxxx.oktapreview.com/oauth2/default/v1/authorize) and it worked. However, when using my org OKTA, it is throwing “Invalid JOSE Header kid (xxxxxxx-uJPflI)”.

The issuer for Org OKTA I was given is: https://<company>.oktapreview.com

Is it possible to authenticate an accessToken against the default Authorization Server? Any ideas on this?

Thanks,
Susana

tom August 16, 2018, 3:33pm 2

That authorization server is for your Okta org and the Okta Org’s APIs.

You want to set the issuer to:
https://xxxxx.oktapreview.com/oauth2/default

susanayr August 16, 2018, 11:17pm 3

Thanks Tom! I was said to use the org okta since there isn’t a default custom authorization server.

It seems though an app needs a custom authorization server to be able to validate access token (OIDC implicit flow)

Thanks for helping

system Closed January 12, 2024, 10:58pm 4

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.