I’m testing SCIM Integration.
Configured app for SCIM with OAuth authorization code flow.
Test authorization is working great, but after a while,
I observe following issue:
Microsoft.AspNetCore.Hosting.Diagnostics|Request starting HTTP/1.1 POST https://***..com/connect/token - application/x-www-form-urlencoded 93
OpenIddict.Server.OpenIddictServerDispatcher|The token request was rejected because the mandatory ‘refresh_token’ parameter was missing
OpenIddict.Server.OpenIddictServerDispatcher|The response was successfully returned as a JSON document: {
“error”: “invalid_request”,
“error_description”: “The mandatory ‘refresh_token’ parameter is missing.”,
“error_uri”: “Error description”
}
I do not think it is on my side, but on okta’s.
Can anybody explain what can be done to fix this issue?
This request is kind urgent.
Could you also confirm if you’re hosting the server on Okta, or if the SCIM server is hosted elsewhere?
If you are using Okta, you should simply request offline_access. However, if you are using a different platform, the process may be more complex as we’re unfamiliar with how your server operates and whether it supports the refresh token.
Generally, adding offline_access should resolve the issue. However, some authorization servers include offline access as a default scope and therefore doesn’t need to be requested. You can find more information on this topic in our article: Okta Help Center (Lightning)