Problem in sample code for SSO QuickStart


Trying to use the sample code in the SSO QuickStart – I’m targeting the Java version but the client-side JavaScript seems identical in all versions of the QuickStart instructions.

The code I’m concerned about is this:

function callMessagesApi() {
    const accessToken = oktaSignIn.tokenManager.get("accessToken");
    if (!accessToken) {
    // Make the request using jQuery
        url: 'http://localhost:{serverPort}/api/messages',
        headers: {
            Authorization : 'Bearer ' + accessToken
        success: function(response) {
            // Received messages!

When I execute the code, the value of the Authorization header appears to be the string Bearer [object Object] (when you concatenate a string 'Bearer ’ with an object, the object.toString turns it into that opaque string).

When the value shows up on the server I’m unable to do anything with it.

Are there some clearer instructions for how to retrieve the value of the accessToken out of the oktaSignIn.tokenManager, and what to do with it?

Any suggestions?

const accessToken = oktaSignIn.tokenManager.get("accessToken").accessToken;

Should do the trick, we will update the quickstarts. Thanks for reporting!

Thanks for the response.

When I make the recommended change I get a server-side error message saying “client credentials not found”

Any thoughts?

In any event, have a nice weekend!