The GitHub Java sample fails with a 401 while obtaining a token

I am following the Quickstart
and the Java Spring Boot sample

I have created an Okta client and followed the instructions - except I had to set login redirect uri =
http://localhost:8080 (as opposed to http://localhost:8080/login/callback)
I have set the environment variables as follows:

Front End:
okta.oauth2.issuer={my_url};okta.oauth2.client-id={my_client_id}

Resource Server:
okta.oauth2.issuer={my_url}

Client configuration:

  • AppType=Web,
  • AuthCode grant type is checked
  • User Consent is checked
  • All uris set to http:/localhost:8080 - the FrontEnd url

Started both apps. When I enter my credentials and hit sign in:

https://dev-xxx.okta.com/oauth2/default/v1/token fails with
401
{"error":"invalid_client","error_description":"Client authentication failed. Either the client or the client credentials are invalid."}

I have verified that the client-id is correct but cannot find the location where the /token call is made from. It looks like the auth_code grant type is being used.

Bump.
Can someone try out this sample and see if they can get it to work?

Have you verified that the client secret is correct? There is no mention of this being set in your post.

Readme
The repo instructions do not mention setting the client-secret.

I see that the /v1/token request is made from within global.oktacdn.com/okta-signin-widget/5.2.0/js/okta-sign-in.min.js
It doesn’t seem to be passing the client-secret, which I believe is required to exchange the auth_code for a token. Correct?
Form Data contains [client_id, redirect_uri, grant_type=authorization_code, code_verifier, code]

I tried setting another environment variable for the client-secret (on the frontend). No change - still fails with a 401.

Create a “SPA” application type as mentioned in the prerequisites here and try out the example.

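The mismatch this thread ends on, as an added example that is not part of the original posts or the Okta sample: it classifies how a `/v1/token` request authenticates the client and compares that with the application type. The function names, the constructed form values, and the rule that a "Web" app must authenticate while a "SPA" app relies on PKCE alone are assumptions of this example.

```javascript
// Added example; not code from the thread or from the Okta sample repository.
// Classify how a token request authenticates the client (form body + headers).
function classifyTokenRequest(formBody, headers = {}) {
  const form = new URLSearchParams(formBody);
  const auth = Object.entries(headers)
    .find(([name]) => name.toLowerCase() === 'authorization');
  const basic = auth !== undefined && /^Basic\s+\S+/i.test(auth[1]);
  return {
    grantType: form.get('grant_type'),
    pkce: form.has('code_verifier'),
    clientAuth: basic ? 'client_secret_basic'
      : form.has('client_secret') ? 'client_secret_post'
      : 'none',
  };
}

// Assumption: "Web" = confidential client that must authenticate at the token
// endpoint; "SPA" = public client that sends no secret and relies on PKCE.
function diagnose(appType, formBody, headers = {}) {
  const req = classifyTokenRequest(formBody, headers);
  if (req.grantType !== 'authorization_code') {
    return { ok: false, reason: 'not an authorization_code exchange' };
  }
  if (appType === 'Web' && req.clientAuth === 'none') {
    return { ok: false, reason: 'invalid_client: Web app expects client authentication, request sent none' };
  }
  if (appType === 'SPA' && !req.pkce) {
    return { ok: false, reason: 'public client without code_verifier (PKCE)' };
  }
  if (appType === 'SPA' && req.clientAuth !== 'none') {
    return { ok: false, reason: 'secret sent from a browser app, which cannot keep it confidential' };
  }
  return { ok: true, reason: `${appType}: client auth ${req.clientAuth}, PKCE ${req.pkce}` };
}

// Constructed form body carrying the same fields the widget sent in the thread.
const widgetBody = new URLSearchParams({
  client_id: 'CONSTRUCTED_CLIENT_ID',
  redirect_uri: 'http://localhost:8080',
  grant_type: 'authorization_code',
  code_verifier: 'constructed-verifier-value',
  code: 'constructed-auth-code',
}).toString();

console.log(diagnose('Web', widgetBody)); // the configuration from the question
console.log(diagnose('SPA', widgetBody)); // the configuration from the answer
```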