Spring Boot Okta Login Page Showing Invalid credentials

I have a problem about opening the login page of okta through http://localhost:9090/authenticate/login

I already get a page with showing a message which named “Invalid Crediantials”

Even if I recreate an app in app many times, I couldn’t solve the issue.

How can I fix it?

Here is the okta script of application.yml

okta:
  oauth2:
    issuer: https://dev-54315943.okta.com/oauth2/default
    audience: api://default
    client-id: 0oa6s3zb19diYE0Fs5d7
    client-secret: Et8NxudIRKlKSTpNPoF0uPkPgNzOuzLx0UGts08G
    scopes: openid, email, profile, offline_access

Here is the controller for okta

@RestController
@RequestMapping("/authenticate")
@Slf4j
public class AuthController {

    @GetMapping("/login")
    public ResponseEntity<AuthenticationResponse> login(
            @AuthenticationPrincipal OidcUser oidcUser,
            Model model,
            @RegisteredOAuth2AuthorizedClient("okta")
            OAuth2AuthorizedClient client
    ) {

        log.info("AuthController | login is called");
        log.info("AuthController | login | client : " + client.toString());

        AuthenticationResponse authenticationResponse = null;
        try{
            authenticationResponse
                    = AuthenticationResponse.builder()
                    .userId(oidcUser.getEmail())
                    .accessToken(client.getAccessToken().getTokenValue())
                    .refreshToken(client.getRefreshToken().getTokenValue())
                    .expiresAt(client.getAccessToken().getExpiresAt().getEpochSecond())
                    .authorityList(oidcUser.getAuthorities()
                            .stream()
                            .map(GrantedAuthority::getAuthority)
                            .collect(Collectors.toList()))
                    .build();
        }catch (Exception e){
            log.info("AuthController | login | error : " + e.getMessage());
        }


        return new ResponseEntity<>(authenticationResponse, HttpStatus.OK);
    }
}

Here is the configuration of okta

@Configuration
@EnableWebFluxSecurity
public class OktaOAuth2WebSecurity {

    @Bean
    public SecurityWebFilterChain securityFilterChain(ServerHttpSecurity http) {
        http
                .authorizeExchange()
                .anyExchange().authenticated()
                .and()
                .oauth2Login()
                .and()
                .oauth2ResourceServer()
                .jwt();
        return http.build();
    }
}

How does your application handle primary authentication into Okta? Redirecting to the Okta hosted login page or are you trying to get an embedded login page working?

Are you following a particular guide/sample of ours?

When I make a request to this link named localhost:9090/authenticate/login okta login page is opened.
Next , I enter email address and password which are already defined as a user in okta and its status named Active. I got a message “Invalid credentials” after clicking the login.

How can I fix it?

First you should run all services defined below in order.
1 ) Registry Server (Eureka Server)
2 ) Cloud Server
3 ) Api Gateway
4 ) Run other services

Here is the example link : Link

Here are some screenshots shown below.





@andrea I’m also having exact same issue. Any idea on how to resolve this ?

Are you seeing an API calls failing when you test your app?

@andrea No any errors when try to login

Hm. so the /authorize call is successful at least, that’s promising. Any logs on the Java side for whether or not the /token call happened and whether or not it succeeded?