Unable to create an app

My company uses Okta. As a developer I followed a tutorial and created a test app at dev-62489334.okta.com

I then tried to do so with my company’s okta account. I used the same email for both okta organizations (don’t know if that matters). I successfully created something for dev-62489334.okta.com, but when I tried to do so at my company’s okta account, i ran into errors.

I tried to create an app via CLI and I get this error below. Please assist. I have tried 10 or more times. It’s not a typo with my API access token or something like that.

2023-02-02T19:35:03.026-0800 FINE com.okta.sdk.impl.config.OptionalPropertiesSource getProperties - Unable to obtain properties from optional properties source com.okta.sdk.impl.config.ResourcePropertiesSource@32cb507a
2023-02-02T19:35:03.080-0800 FINE com.okta.sdk.impl.client.DefaultClientBuilder build - No CacheManager configured. Defaulting to in-memory CacheManager with default TTL and TTI of five minutes.
2023-02-02T19:35:03.087-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [connectionTimeToLive: Invalid connection time to live value] not set, Falling back to default value: 300000
2023-02-02T19:35:03.120-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [validateAfterInactivity: Invalid max connection inactivity validation value] not set, Falling back to default value: 2000
2023-02-02T19:35:03.120-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [maxConnectionsTotal: Bad max connection total value] not set, Falling back to default value: 2147483647
2023-02-02T19:35:03.120-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [maxConnectionsPerRoute: Bad max connection per route value] not set, Falling back to default value: 1073741823
2023-02-02T19:35:03.120-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [maxConnectionsPerRoute: Bad max connection per route value] not set, Falling back to default value: 1073741823
2023-02-02T19:35:03.120-0800 FINE com.okta.commons.http.httpclient.HttpClientRequestExecutor getRequestExecutorParam - Configuration property [maxConnectionsTotal: Bad max connection total value] not set, Falling back to default value: 2147483647
2023-02-02T19:35:03.246-0800 FINE org.apache.http.client.protocol.RequestAuthCache process - Auth cache not set in the context
2023-02-02T19:35:03.248-0800 FINE org.apache.http.impl.conn.PoolingHttpClientConnectionManager requestConnection - Connection request: [route: {s}->https://<REDACTED>.okta.com:443][total available: 0; route allocated: 0 of 1073741823; total allocated: 0 of 2147483647]
2023-02-02T19:35:03.252-0800 FINE org.apache.http.impl.conn.PoolingHttpClientConnectionManager leaseConnection - Connection leased: [id: 0][route: {s}->https://<REDACTED>.okta.com:443][total available: 0; route allocated: 1 of 1073741823; total allocated: 1 of 2147483647]
2023-02-02T19:35:03.252-0800 FINE org.apache.http.impl.execchain.MainClientExec execute - Opening connection {s}->https://<REDACTED>.okta.com:443
2023-02-02T19:35:03.316-0800 FINE org.apache.http.impl.conn.DefaultHttpClientConnectionOperator connect - Connecting to <REDACTED>.okta.com/13.248.212.212:443
2023-02-02T19:35:03.316-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory connectSocket - Connecting socket to <REDACTED>.okta.com/13.248.212.212:443 with timeout 30000
2023-02-02T19:35:03.343-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory createLayeredSocket - Enabled protocols: [TLSv1.3, TLSv1.2]
2023-02-02T19:35:03.343-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory createLayeredSocket - Enabled cipher suites:[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2023-02-02T19:35:03.343-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory createLayeredSocket - Starting handshake
2023-02-02T19:35:03.551-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname - Secure session established
2023-02-02T19:35:03.551-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname -  negotiated protocol: TLSv1.2
2023-02-02T19:35:03.551-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname -  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2023-02-02T19:35:03.552-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname -  peer principal: CN=*.okta.com, O="Okta, Inc.", L=San Francisco, ST=California, C=US
2023-02-02T19:35:03.552-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname -  peer alternative names: [*.okta.com, okta.com]
2023-02-02T19:35:03.552-0800 FINE org.apache.http.conn.ssl.SSLConnectionSocketFactory verifyHostname -  issuer principal: CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-02-02T19:35:03.557-0800 FINE org.apache.http.impl.conn.DefaultHttpClientConnectionOperator connect - Connection established 192.168.0.27:49676<->13.248.212.212:443
2023-02-02T19:35:03.558-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection setSocketTimeout - http-outgoing-0: set socket timeout to 30000
2023-02-02T19:35:03.559-0800 FINE org.apache.http.impl.execchain.MainClientExec execute - Executing request GET /api/v1/authorizationServers HTTP/1.1
2023-02-02T19:35:03.559-0800 FINE org.apache.http.impl.execchain.MainClientExec execute - Proxy auth state: UNCHALLENGED
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> GET /api/v1/authorizationServers HTTP/1.1
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> Host: <REDACTED>.okta.com
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> Accept-Encoding: gzip
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> Accept: application/json
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> User-Agent: okta-sdk-java/8.1.0 okta-cli/0.10.0-90271f8 java/11.0.14 Mac OS X/10.16.0
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> Authorization: SSWS 009-atYN5hXDCen0R8FGz5J_tOneajMCn8WR8z6w7x
2023-02-02T19:35:03.562-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onRequestSubmitted - http-outgoing-0 >> Connection: Keep-Alive
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "GET /api/v1/authorizationServers HTTP/1.1[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "Host: <REDACTED>.okta.com[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "Accept-Encoding: gzip[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "Accept: application/json[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "User-Agent: okta-sdk-java/8.1.0 okta-cli/0.10.0-90271f8 java/11.0.14 Mac OS X/10.16.0[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "Authorization: SSWS 009-atYN5hXDCen0R8FGz5J_tOneajMCn8WR8z6w7x[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]"
2023-02-02T19:35:03.563-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 >> "[\r][\n]"
2023-02-02T19:35:03.946-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "HTTP/1.1 401 Unauthorized[\r][\n]"
2023-02-02T19:35:03.946-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Date: Fri, 03 Feb 2023 03:35:03 GMT[\r][\n]"
2023-02-02T19:35:03.947-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Content-Type: application/json[\r][\n]"
2023-02-02T19:35:03.947-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Transfer-Encoding: chunked[\r][\n]"
2023-02-02T19:35:03.947-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Connection: keep-alive[\r][\n]"
2023-02-02T19:35:03.947-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Server: nginx[\r][\n]"
2023-02-02T19:35:03.947-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Public-Key-Pins-Report-Only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-okta-request-id: Y9yA5-SB6V9BbXbXcSFICgAADjw[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-xss-protection: 0[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "p3p: CP="HONK"[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "content-security-policy: default-src 'self' <REDACTED>.okta.com *.oktacdn.com; connect-src 'self' <REDACTED>.okta.com <REDACTED>-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com <REDACTED>.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' <REDACTED>.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' <REDACTED>.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' <REDACTED>.okta.com <REDACTED>-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' <REDACTED>.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' <REDACTED>.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-rate-limit-limit: 500[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-rate-limit-remaining: 499[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-rate-limit-reset: 1675395363[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "cache-control: no-cache, no-store[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "pragma: no-cache[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "expires: 0[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "x-content-type-options: nosniff[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "Strict-Transport-Security: max-age=315360000; includeSubDomains[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "set-cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "set-cookie: JSESSIONID=280AE88579B6CF329DC676E47703407F; Path=/; Secure; HttpOnly[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "bb[\r][\n]"
2023-02-02T19:35:03.948-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "{"errorCode":"E0000015","errorSummary":"You do not have permission to access the feature you are requesting","errorLink":"E0000015","errorId":"oae2CFLQMZsSEe6FMxDVAxvhQ","errorCauses":[]}[\r][\n]"
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << HTTP/1.1 401 Unauthorized
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Date: Fri, 03 Feb 2023 03:35:03 GMT
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Content-Type: application/json
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Transfer-Encoding: chunked
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Connection: keep-alive
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Server: nginx
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Public-Key-Pins-Report-Only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-okta-request-id: Y9yA5-SB6V9BbXbXcSFICgAADjw
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-xss-protection: 0
2023-02-02T19:35:03.951-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << p3p: CP="HONK"
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << content-security-policy: default-src 'self' <REDACTED>.okta.com *.oktacdn.com; connect-src 'self' <REDACTED>.okta.com <REDACTED>-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com <REDACTED>.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' <REDACTED>.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' <REDACTED>.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' <REDACTED>.okta.com <REDACTED>-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' <REDACTED>.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' <REDACTED>.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-rate-limit-limit: 500
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-rate-limit-remaining: 499
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-rate-limit-reset: 1675395363
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << cache-control: no-cache, no-store
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << pragma: no-cache
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << expires: 0
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << x-content-type-options: nosniff
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << Strict-Transport-Security: max-age=315360000; includeSubDomains
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << set-cookie: sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << set-cookie: autolaunch_triggered=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
2023-02-02T19:35:03.952-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection onResponseReceived - http-outgoing-0 << set-cookie: JSESSIONID=280AE88579B6CF329DC676E47703407F; Path=/; Secure; HttpOnly
2023-02-02T19:35:03.956-0800 FINE org.apache.http.impl.execchain.MainClientExec execute - Connection can be kept alive indefinitely
2023-02-02T19:35:03.957-0800 FINE org.apache.http.impl.auth.HttpAuthenticator isAuthenticationRequested - Authentication required
2023-02-02T19:35:03.958-0800 FINE org.apache.http.impl.auth.HttpAuthenticator handleAuthChallenge - <REDACTED>.okta.com:443 requested authentication
2023-02-02T19:35:03.958-0800 FINE org.apache.http.impl.auth.HttpAuthenticator handleAuthChallenge - Response contains no authentication challenges
2023-02-02T19:35:03.962-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "0[\r][\n]"
2023-02-02T19:35:03.962-0800 FINE org.apache.http.impl.conn.Wire wire - http-outgoing-0 << "[\r][\n]"
2023-02-02T19:35:03.962-0800 FINE org.apache.http.impl.conn.PoolingHttpClientConnectionManager releaseConnection - Connection [id: 0][route: {s}->https://<REDACTED>.okta.com:443] can be kept alive indefinitely
2023-02-02T19:35:03.962-0800 FINE org.apache.http.impl.conn.LoggingManagedHttpClientConnection setSocketTimeout - http-outgoing-0: set socket timeout to 0
2023-02-02T19:35:03.963-0800 FINE org.apache.http.impl.conn.PoolingHttpClientConnectionManager releaseConnection - Connection released: [id: 0][route: {s}->https://<REDACTED>.okta.com:443][total available: 1; route allocated: 1 of 1073741823; total allocated: 1 of 2147483647]
com.okta.sdk.resource.ResourceException: HTTP 401, Okta E0000015 (You do not have permission to access the feature you are requesting), ErrorId oae2CFLQMZsSEe6FMxDVAxvhQ
	at com.okta.sdk.impl.ds.DefaultDataStore.execute(DefaultDataStore.java:488)
	at com.okta.sdk.impl.ds.DefaultDataStore.lambda$getResourceData$2(DefaultDataStore.java:213)
	at com.okta.sdk.impl.ds.DefaultFilterChain.filter(DefaultFilterChain.java:47)
	at com.okta.sdk.impl.ds.cache.WriteCacheFilter.filter(WriteCacheFilter.java:34)
	at com.okta.sdk.impl.ds.DefaultFilterChain.filter(DefaultFilterChain.java:52)
	at com.okta.sdk.impl.ds.cache.ReadCacheFilter.filter(ReadCacheFilter.java:42)
	at com.okta.sdk.impl.ds.DefaultFilterChain.filter(DefaultFilterChain.java:52)
	at com.okta.sdk.impl.ds.DefaultDataStore.getResourceData(DefaultDataStore.java:225)
	at com.okta.sdk.impl.ds.DefaultDataStore.getResource(DefaultDataStore.java:181)
	at com.okta.sdk.impl.ds.DefaultRequestBuilder.get(DefaultRequestBuilder.java:91)
	at com.okta.cli.common.service.DefaultAuthorizationServerService.authorizationServersMap(DefaultAuthorizationServerService.java:33)
	at com.okta.cli.commands.apps.CommonAppsPrompts.getIssuer(CommonAppsPrompts.java:36)
	at com.okta.cli.commands.apps.AppsCreate.getIssuer(AppsCreate.java:197)
	at com.okta.cli.commands.apps.AppsCreate.createWebApp(AppsCreate.java:109)
	at com.okta.cli.commands.apps.AppsCreate.runCommand(AppsCreate.java:84)
	at com.okta.cli.commands.BaseCommand.call(BaseCommand.java:41)
	at com.okta.cli.commands.BaseCommand.call(BaseCommand.java:26)
	at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
	at picocli.CommandLine.access$1300(CommandLine.java:145)
	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2358)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2352)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2314)
	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
	at picocli.CommandLine$RunLast.execute(CommandLine.java:2316)
	at picocli.CommandLine.execute(CommandLine.java:2078)
	at com.okta.cli.OktaCli.run(OktaCli.java:68)
	at com.okta.cli.OktaCli.main(OktaCli.java:58)

It looks like an error is thrown when the CLI tried to call the /api/v1/authorizationServers endpoint as follows: You do not have permission to access the feature you are requesting

You are seeing this error because, while your dev-* org has the API Access Management feature that allows you to use/manage Custom Authorization Servers associated with that endpoint, but this is a paid feature for Production orgs and your company’s org likely lacks this feature. At this time, the CLI is designed around orgs that do have this feature, so you will not be able to use the CLI with this org unless you get the missing API Access Management SKU.