Redirect fails after Okta Verify Success

I’m building a flask server that ties into our company’s Okta verification. Everything looks good and the redirect jumps to the okta sign-in page. When it asks me for an Okta verify push it pings my phone as expected and once I confirm on my phone the browser only says “Not Authorized”.

Our on-site Otka manager checked the logs and from the looks of it I was successfully verified.

This is the response I received in from the flask server logs:
“GET /oidc/callback?state=eyJjc3JmX3Rva2VuIjogIjc3Qy1yVXNLS3pMMWRHeDlaem83ZmdqSUM0ZWkzVTAxIiwgImRlc3RpbmF0aW9uIjogImV5SmhiR2NpT2lKSVV6VXhNaUo5LkltaDBkSEE2THk5aGJtbHRkR1ZqYUhkbFlpNXVhV05yTG1OdmJTOXNiMmRwYmlJLkYxLXk1em5iaURFU0c4Umt1YjBsbjRwNU4wVnRKWmpkVm14ZnFXRXl1R1BULTl6SWVDSVBKU2ZOVGdURXBnWmx2aGhvaDZFblY2Qlg3QlJ0aWlUX2NBIn0%3D&error=access_denied&error_description=Policy+evaluation+failed+for+this+request%2C+please+check+the+policy+configurations. HTTP/1.1”

Has anyone encountered this before?


check if you OIDC application is allowed at the authorization server level

I would also suggest checking that the user who is trying to access the application is assigned to it as well as your scopes

My apologies. I’m still a bit unfamiliar with the process. Can you explain what this means and where to adjust it on the okta site?

Thanks for the suggestion. I’m not sure what scope this might fall under. Is there a way to find out? What’s the downside to having them all granted?