POST 403 error (AuthApiError) at /token endpoint

Upbeat · August 4, 2020, 8:29pm

Hello,

I’m using Angular to authenticate users but I’m having trouble with the ‘send authentication code + client secret’ part of the PKCE flow. In particular, I’m getting a 403 when I post to the /token endpoint using angular. Also, I’m not doing any posting myself, I’m using the following method provided in @okta/okta-angular

handleAuthentication(): Promise;

I can also see the okta-oauth-nonce and okta-oauth-state cookies in the dev tools but no tokens (obviously, the request failed).

Could this be due to bad headers?

EDIT: Included form data:

Another idea: this could be due to no Issuer when instantiating the OktaAuthService:

Thanks for looking.

Upbeat · August 4, 2020, 9:04pm

Update: I can copy and paste the info in the failed post request into postman and get tokens successfully - truly confused why this would be:

Post		Replies	Views
SPA Application get access token with code and PKCE got 403 response Questions	4	4149	May 21, 2020
V1/token is returning 401 unauthorized OAuth/OIDC api , angular	6	10376	December 31, 2020
Angular Okta SDK receives 400 on POST /token Questions	3	2998	February 8, 2024
POST https://dev-251753.okta.com/oauth2/default/v1/token -> AuthApiError Questions	3	6316	September 30, 2021
Getting a 403 when attempting to exchange an authorization code for an access token OAuth/OIDC	20	16832	February 4, 2020

POST 403 error (AuthApiError) at /token endpoint

Related topics