Okta Oauth Integration

I am attempting to implement Oauth 2.0 with Okta. I followed this tutorial, Implement OAuth for Okta | Okta Developer.

My question is around the client ID and secret when going through the oauth flow to eventually get an access token. Most of my experience with oauth 2.0 is that you create your own app integration with client ID and secrets that you own, in order to authenticate with a third party account. But it appears Okta is unique in that I actually need the client ID and secret of the third party in order to obtain an access token from said third party.

Is this correct? Thanks for any help here.

You will need to create an application within Okta. The Client ID and Client secret are unique to Okta. For more information, please visit this guide - Implement OAuth for Okta | Okta Developer

Using OAuth for Okta allows you to interact with Okta APIs via scoped OAuth 2.0 access tokens.

Note that you can request an access token by making a call to your Okta org authorization server /authorize endpoint. Only the org authorization server can mint access tokens containing Okta API scopes. For more details, see Which authorization server should you use.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.