Retrieve Tokens from Interaction_Code

NelsonAndre · June 28, 2022, 3:29pm

Hello,
I’m using the sign-in widget in my application.
My okta app is Web.
I’m able to authenticate in Okta and I’m redirected to the configured page with the interaction_code parameter filled in.

I’m then calling https://myenvironment.okta.com/oauth2/default/v1/token?client_id={client_id}&client_secret={client_secret}&grant_type=interaction_code&redirect_uri={redirect_url}&code={code}&code_verifier={code_verifier}

as per the information here OpenID Connect & OAuth 2.0 API | Okta Developer

but I keep getting the error 400 Bad Request

{
“error”: “invalid_grant”,
“error_description”: “The interaction code is invalid or has expired.”
}

Any ideas?

eafigbo · January 3, 2023, 3:17am

Hi Nelson,
Try the following:
https://myenvironment.okta.com/oauth2/default/v1/token?client_id={client_id}&client_secret={client_secret}&grant_type=interaction_code&redirect_uri={redirect_url}&interaction_code={interaction_code}&code_verifier={code_verifier}&state={state}

See the interaction code flow docs for more info: Implement authorization by grant type | Okta Developer
Goodluck!