Rest API Tokens for admin and user

Hello. I am trying to setup a simple authentication scheme for a rest api. The idea is to have two endpoints, one of them accessible to an admin and the other one accesible to a user. I am using spring boot. Below is my security configuration.


With this config I have to add a Bearer token to the requests calling the endpoints in order to get a valid answer. The token I have been using is obtained calling the endpoint
I call the endpoint from postman using basic auth, and using client id and client secret.
I use grant_type client_credentials and scope custom as the body of the request.

The problem is that I can’t get different tokens for admin and user. When I try calling the same endpoint using the user’s password and username I get


"errorCode": "invalid_client",

"errorSummary": "Invalid value for 'client_id' parameter.",

"errorLink": "invalid_client",

"errorId": "oaeamcYjURURC-YXWyt7Xhq0A",

"errorCauses": []


Is there a way to get tokens for admins and users?. I have already created the groups in my developer account and recently added a claim but I am missing the link between the claim and the actual token someone gets.

client_credential flow is not supposed to have a user context. It’s for machine to machine communication. If you want user context use authz_code (or with PKCE). This way your users will have to authenticate to Okta and the token generated will cary information related to a user

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.