Unable to get scope "okta.users.read" working in OpenID connect API call

Hello All, Can you please let me know the reason the below query is not working in postman?

https://dev.oktapreview.com/oauth2/default/v1/authorize?client_id=xxxxxxxxxxxxxxxxxxxxxxxx&state=1234&nonce=UBGW&response_type=code&scope=okta.users.read&redirect_uri=http%3A%2F%2Ftestchandan.com%3A5001

but the following API call is working and its prompting for credentials.

https://dev.oktapreview.com/oauth2/default/v1/authorize?client_id=xxxxxxxxxxxxxxxxxxxxxxxx&state=1234&nonce=UBGW&response_type=code&scope=openid&redirect_uri=http%3A%2F%2Ftestchandan.com%3A5001

Hi there - A couple things:

  1. OAuth for Okta uses the org server for granting tokens, not a custom/default auth server. So you’ll want to get rid of the /default/ in your URL.
  2. Have you granted the okta.users.read scope in your Okta app? You need to grant this scope under the Okta API Scopes tab in your application integration.
2 Likes

Thanks Cale. This works.