I need to use the password flow to request an access token from Okta. Here is the REST API endpoint I’m referring to https://developer.okta.com/docs/guides/implement-password/use-flow/. Is this supported in any Okta SDK?
Most Oauth or OpenID flows are supported by the SDK.
We recommend using an OAuth library (like Spring Security), for authentication flows.
Maybe we can point you in the right direction, why are you trying to use a password flow (in general I’d recommend against it)?
1 Like
I have a REST API endpoint to allow the users to request for an access_token with their username and password. This REST API is registered in Okta as “Native App” type. I was hoping that I can use one of the Okta SDKs to access the /token endpoint. But from your answer, looks like none of the Okta SDKs supports it. So, probably I can just use a plain REST HTTP client to access the /token. Do you see any issue if I do that?
You could either make the call directly or use an OAuth library.
Please note: you could obtain an access token with another flow (Authorization code with PKCE for example)
Either way, take a look at https://tools.ietf.org/html/rfc6749#section-4.3
I recommend using openid instead. The users can login through okta then you can retrieve the token using the /token endpoint.
1 Like