Password reset flow doesn't work

Hi,

We’re trying to make our password reset flow work (for our OAuth2 app) - however we’re getting this error:

400
Identity Provider: Unknown
Error Code: invalid_request
Description: The ‘redirect_uri’ parameter must be an absolute URI that is whitelisted in the client app settings.

We checked our app settings in the Okta portal, and “Login redirect URIs” is set to https://outcomes.trackerstaging.com/login

Also our Trusted Origins says “https://outcomes.trackerstaging.com

Otherwise, login works fine for regular login flows.

What gives?

Thanks,

Jamie

Hi @gflynn

The issue occurs because, when you are accessing the authorization endpoint of your Okta org, the redirect_uri query parameter contains a URL that is not present also in the OpenID app in Okta under Login Redirect URIs.

To resolve this issue, please check the following in your application:

  • client ID (if you are pointing to the correct client id in Okta)
  • issuer (if you are using the correct issuer, authorization server and Okta tenant)
  • redirect uri (if the redirect uri set here matches word-by-word what you have configured in Okta; check also if there are any spaces)