Background on the infrastructure we are using: we are using OpenResty with the lua-resty-openid module, and the web server is acting as the OpenID Connect client. We have a Spring Boot backend that is verifying the JWT issuer and exp. Currently I have set up a single application, and we are using the Authorization Code flow as well as a refresh token. The plan is to leverage the Okta-hosted UI for most things.
I’m currently struggling with the registration flow. The user receives an email to verify their email, but they are receiving a 404 invalid_token response. I can set Registration activation to not be required, but this does not solve my problem.
Application requires login --> OpenResty redirects to Okta login --> User self-registration --> User adds extra Okta attributes --> User is activated --> Redirect to Application with Access Token
Email verification flow:
User receives email verification --> User clicks verify link --> User is redirected to application