Session token from public primary authentication not valid


I’m trying to authenticate using username & password and then using the session token returned from that to get access & refresh tokens. The authentication succeeds and then getting the session fails. I’ve tried three approaches and they all seem to fail in the same way:

In my own iOS app, I’m using OktaAuthSdk.authenticate(…) to sign in with username and password which succeeds, and then (using the token returned) OktaOidc.authenticate(withSessionToken…) which fails with an error “Authorization Error: invalid_client: Client authentication failed. Either the client or the client credentials are invalid.”.

In Okta’s sample custom-sign-in app ( I get the same result. This sample app appears to use the same approach that my own app uses.

Using the curl example from the Okta docs ( I get the the following response: {“errorCode”:“E0000004”,“errorSummary”:“Authentication failed”,“errorLink”:“E0000004”,“errorId”:“oaeBXbVvwzUS2GbDx1wUJZjiQ”,“errorCauses”:[].

What am I missing?