Python flask - cannot validate acess token


I am trying to implement OKTA auth for my python flask web app.
I based my work upon the following code

For the moment, all the flow is good until the callback.
The callback fails because the access token is invalid. It seems the token can’t be validated…

Any idea ? Any resources ?

I see that Okta org as authorization server requires something different but I was not able to find any outstanding documentation.

Thanks for the help

I believe you need API access management enabled on your org for this to work.

1 Like

Hi @mraible

Thank you very much for you quick reply!
I need to tell a third party to configure the okta part.
Where is this setting located ?
Security > API > ?

For the moment I was only provided with the basic information needed here

Thanks again!

Do you have a “default” authorization server listed at Security > API? If so, things should work.

If you don’t, sign up for a developer account at and you’ll get one for free.

1 Like

I am integrating into an already existing Okta setup, so I don’t manage the config.
I have a dev account for test, I’ll try that again.

So I tried again with my dev account.
I get the same error “Access Token is invalid”…

I have the default authorization server.

I have an app declared in “Applications”.
One thing @mraible , do I need specific permission granted to the token ?


Logs show successful auth, but application fails to process the access token for some reason…


    if not is_access_token_valid(access_token, config["issuer"]):
        return "Access token is invalid", 403
def is_access_token_valid(token, issuer):
    jwt_verifier = AccessTokenVerifier(issuer=issuer, audience='api://default')
        return True
    except Exception:
        return False

We created a new sample this week that’s a little easier to get started with. Fastest way to get started with it:

  1. Install the Okta CLI
  2. Run okta login to associate your org, then okta start flask

You can also download the repo and configure it manually:

git clone

Put your settings in okta-flask-sample/ If you use the CLI, it’ll do this for you.

1 Like

Thank you for prompt support @mraible !
It is working now, the code is validated and it is more straightforward.

Thanks for pointing me towards this new repo.

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.