Okta vuejs implicit callback token truncated


My setup is a VueJs app using the okta vuejs sdk. I am using OIDC with implicit flow to get an id token.
I am using version 3.1.0 of the okta-vue sdk.

After a user successfully authenticates on the okta login screen, the automatic redirect to the route /login/callback only contains part of the id_token. When I decode the token, I can see that it has been truncated. The callback uri (plus the fragment) is always 8182 bytes long.

I’ve took a look at this and it appears to be my issue:

Unfortunately the suggested work around seems to require sending the response as a post which I don’t believe will work in the UI.

I did change the responseMode to ‘form_post’, which fails, but when I examine the post payload it contains id_token in its untruncated form.

Has anybody else encountered this or have other ideas for how to solve it?


Can you attach the errors when it fails with the responseMode set to ‘form_post’?

If you could provide more details about your application. Are you using the widget hosted in the Vue app, or a custom login form?

@hwhartman-chewy The maximum characters is 8000. So your call back return is larger than the max value. As you mentioned, it looks like you already get the id_token with its untruncated form? So what is the question now?