POST https://dev-251753.okta.com/oauth2/default/v1/token -> AuthApiError

andrewliang · January 22, 2020, 2:39am

Hello,

I currently have an ASP.Net Core application with Angular. I have followed this Okta Sign-In Widget tutorial but I’m having some issues. When I login using Okta’s login credentials, my browser gets redirected to

https://dev-251753.okta.com/oauth2/default/v1/authorize?client_id=0oa25ces7erAiw8OJ357&code_challenge=PPkLUZsmZHGan-f5nepoNzkUhBAVXqZZfCg30fQUPBg&code_challenge_method=S256&nonce=Hl4hF6xdtKpIbnOoBEevnCaJIlKhpyHkSTOlRrIrCjtjfRRj4Ae8D4ggSlk2a1aR&redirect_uri=https%3A%2F%2Flocalhost%3A5001%2Fimplicit%2Fcallback&response_mode=fragment&response_type=code&sessionToken=20111HskRjozcR_Vc5T_rjQOvJHNJsm6mJjDaEuktQQkvXek-_Ks0cw&state=LIlq1nU1sO8hssY3QUdl8D6YaFB7Ak0iOAQzB7SQf6VJ9WIbtjCU9uGxxzKYJKET&scope=openid

The server responds with a redirect to:

https://localhost:5001/implicit/callback#code=hqsjmIYTdt35wshHYj9u&state=LIlq1nU1sO8hssY3QUdl8D6YaFB7Ak0iOAQzB7SQf6VJ9WIbtjCU9uGxxzKYJKET.

However, my angular application logs the following error:

I viewed the network traffic and I noticed a POST to https://dev-251753.okta.com/oauth2/default/v1/token has failed with a 401 Unauthorized HTTP error and the following payload:

{"error":"invalid_client","error_description":"Client authentication failed. Either the client or the client credentials are invalid."}

I know the client credentials are correct because I’ve used them numerous times on Okta’s website and view the Admin section.

Also, the clientId in my Okta config is correct 0oa25ces7erAiw8OJ357.

Why I’m getting this error? Thanks

dragos · January 29, 2020, 6:07am

Hi @andrewliang

This error usually occurs when trying to authenticate on the /token endpoint and the application is not configured to use credentials.

Through Postman, cURL or any other tool at your disposal, can you please make a GET request on /api/v1/apps/0oa25ces7erAiw8OJ357, copy the response body, modify credentials.oauthClient.token_endpoint_auth_method to “client_secret_basic” from “none” in the response and, in the end, submit the new body as a PUT request to the same endpoint?

potnuru · September 30, 2021, 11:54pm

Hi,

I have the similar issue , I checked my settings , looks as you mentioned in the post. Still no luck.

Any other options or configuration that might cause this issue?

"credentials": {
        "userNameTemplate": {
            "template": "${source.login}",
            "type": "BUILT_IN"
        },
        "signing": {
            "kid": "XXXXXXXXXXXXXXXXXX"
        },
        "oauthClient": {
            "autoKeyRotation": true,
            "client_id": "0oa117686nhQf5On10h8",
            "token_endpoint_auth_method": "client_secret_basic"
        }
    },

system · February 8, 2024, 7:34pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.