I am using Authorization grant type-authorization code in my java application (not sping boot).
I have the below issue.
- In browser enter okta server url
- okta authenticates
- now it enters into okta console and shows all the applications that user have proper access to
- I clicked on my application → it takes me to my application properly.
- I just clicked X to close the tab.
- Then again I clicked on application, its not returning access token and id token. It throws 400 error when i call /token endpoint.
- Then I clicked on X to close the tab.
8 I did the same step 6 & 7, it worked good…
- Again step 6 & 7, it throws me 400 error.
Summary, it works good alternatively. I am not sure what is happening.
When I check log in okta server, there is no scope defined when it throws 400 error. It passes scopes correctly alternatively. Is this something to do with this issue?