Okta user Authorization non API

I am new to okta so I setup a developer account and wrote something quick with Python using the javascript sign in widget and everything seems to work fine. I then pointed this to my companies production okta instance and got the CORS error ‘has been blocked by CORS policy’, on my dev instance I went to API-> trusted origins and had fixed it. But when I spoke with my admin he mentioned we dont have API available. So then at this point I am lost on what I need to do code wise, any help would be appreciated

This causes a lot of confusion and we’re trying to get it fixed.

If you have an IT account (for workforce identity), you don’t have API access management (AM) as a feature. You have to pay for it.

If you create a developer account, you get get API AM for free.

1 Like

Ok, that definitely clears things up in terms of the different access options, now next question is how do I code for that in python? I am having a hard time finding anything online to do user authorization non API way.

I don’t think you can, but I could be wrong. You can use the sign-in widget, but that’s just HTML and JS, no Python required.

So what change do I need to make to the sign in widget to use for non api, like I said earlier when currently using it I am getting the CORS error.

I’m not sure. The last Sign-In Widget example I wrote requires API Access Management as a feature flag. I’d suggest you send an email to developers@okta.com to create a support ticket. Make sure and reference this issue. They’re good people and should be able to help.

I ran in to the same problem. The examples from Okta all rely on the API Access Management module (https://www.okta.com/products/api-access-management) which we haven’t bought.

I found that I could get the code to work once I modified the security issuer URL. Where in the example it states

issuer: ‘https://{yourOktaDomain}/oauth2/default’,

I used

issuer: ‘https://{yourOktaDomain}’,

and it seemed to work.


1 Like

Thanks for your help but unfortunately that did not seem to work for me, at least with the current JavaScript function I am using.