*.okta.com/api/v1/apps/{cid}/groups

Can I get the groups a Machine-To-Machine account is in using its Bearer token? Currently I am getting a error - {“errorCode”:“E0000005”,“errorSummary”:“Invalid session”,“errorLink”:“E0000005”,“errorId”:“oaeetH_ta4BSqWGrlyilnJs0A”,“errorCauses”:[]}.

Using a SSWS token the C# code works fine but my security team wants me to pass the Bearer token back to the server to get the groups. Is this posible?

The Bearer token was reguested using grant_type: client_credentials & scope: access_token groups. Is my problem, I need an openid token that is an valid for a grant_type: client_credentials?

It’s possible with the new feature OAuth for Okta, I think it’s still in EA, so make sure to enable it in your tenant. Here is some guidance https://developer.okta.com/docs/guides/implement-oauth-for-okta/overview/

Thanks, that did fix the error but the list is empty now? Ticket was moved to a dev resource.