Greetings
I’m trying to authenticate using username & password and then using the session token returned from that to get access & refresh tokens. The authentication succeeds and then getting the session fails. I’ve tried three approaches and they all seem to fail in the same way:
In my own iOS app, I’m using OktaAuthSdk.authenticate(…) to sign in with username and password which succeeds, and then (using the token returned) OktaOidc.authenticate(withSessionToken…) which fails with an error “Authorization Error: invalid_client: Client authentication failed. Either the client or the client credentials are invalid.”.
In Okta’s sample custom-sign-in app (https://github.com/okta/samples-ios/tree/master/custom-sign-in) I get the same result. This sample app appears to use the same approach that my own app uses.
Using the curl example from the Okta docs (https://developer.okta.com/docs/reference/api/sessions/#create-session-with-session-token) I get the the following response: {“errorCode”:“E0000004”,“errorSummary”:“Authentication failed”,“errorLink”:“E0000004”,“errorId”:“oaeBXbVvwzUS2GbDx1wUJZjiQ”,“errorCauses”:[].
What am I missing?