Okta login widget The endpoint does not support the provided HTTP method

Hello, the problem that I have is that I use the okta signin widget, I setup everything, but when I login in the widget it says:

You are not allowed to access this app. To request access, contact an admin.

Even if the account that I use have the app permission.

But when I check de browser console it throws the next error:

The endpoint does not support the provided HTTP method

What can I do in this case?

This is the way I send the information to render the widget (is on react)

<OktaSignInWidget
config={{ baseURL: 'https://trial-* * * * * .okta.com’,
clientId: ’
* * * * * * * * * * * * * * * * * * * ',
redirectUri: window.location.origin + ‘/implicit/callback’,
issuer: ‘https://trial-* * * * * * .okta.com/oauth2/default’,
scopes: [‘openid’, ‘profile’, ‘email’],
pkce: true,
grantType: ‘authorization_code’
}}
onSuccess={handleLoginSuccess}
onError={handleLoginEror}
isRegistering={isRegistering}
/>

1 Like

What endpoints are returning these errors?

For the first one, can you ensure that the user you are tested with is assigned the application in question and that there are no policies configured within Okta set to deny them access?

Where can I check that?

I don’t make any API or endpoints call by my part, the one that do that is the okta widget.

const OktaSignInWidget = ({ config, onSuccess, onError, isRegistering }) => {
useEffect(() => {
const signIn = new OktaSignIn({
…config,
features: {
registration: isRegistering,
},
});

// render the okta login widget
signIn.renderEl(
{ el: ‘#okta-sign-in-widget’, features: { registration: isRegistering} },
onSuccess,
onError
);

    return () => signIn.remove();
}, [config, onSuccess, onError, isRegistering]);

return <div id='okta-sign-in-widget'/>;

}

Can you check the Network tab in your browser and see what request is returning a 405 response code (The endpoint does not support the provided HTTP method) and if you see any other 4xx errors?

The error “The endpoint does not support the provided HTTP method” indicates a problem with the HTTP method used in the Okta Sign-In Widget. You have to verify the correctness of your Okta application configuration, ensuring that the client ID, issuer, and redirect URI match. Check the network requests in your browser’s developer tools to identify the problematic request and its HTTP method. Confirm that the redirect URI aligns with the Okta application settings. Additionally, consult Okta documentation for best practices, ensure you are using the latest Sign-In Widget version, and consider contacting Okta support for further assistance if the issue persists. I hope this will help you as it helped me at triotech systems…