Hi,
I’ve searched for a while and haven’t found any information past this post: Okta-signin-widget POSTing to /authn when I want it to use /authorize for OIDC.
I’m using the authorization code flow with PKCE in a React SPA. I’ve noticed that the widget makes call to the ${baseUrl}/api/v1/authn
endpoint. This did not appear as an issue since the login process worked properly and users could login.
However, client-based rate limit only work on /authorize
endpoint, so I set out to make the requests to this endpoint instead of /authn
. In retrospect, according to our current configuration, the calls should already be made to the /authorize
endpoint. I tried forcing it by using the authParams.authorizeUrl
parameter, however it looks like it is getting ignored.
Is there any option to set to make sure the calls are being made to the /authorize
endpoint?