Unable to list users from a different Okta org using OAuth 2.0 Authorization Code Flow

I have created an OAuth app in my Okta account and shared the client ID and secret with the client (admin) from another Okta organization. The admin is trying to authenticate, but they receive an error message: 'Unable to sign in'.

I have checked the Okta OAuth app’s redirect URIs, client ID, and client secret. I also verified that the scopes (e.g., okta.users.read) are configured correctly. The app works when assigned to users in my organization, but when the client (from another Okta org) tries to authenticate, it fails.

Can anyone guide me on what I need to configure to allow external Okta organizations to authenticate successfully using OAuth 2.0? Do I need to assign users from the client’s Okta org to my app, or is there another configuration needed?

You can check the system logs to see what this error is really about: View Organization activity with the System Log based on the client ID—you would get more information about the issue there.

Also, it would be better to raise this as a support ticket in the Okta portal, as this requires much more information about how the admin is accessing it, what the requirements are, and the scope they are requesting.
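
The System Log lookup suggested in the answer above, as an added example that is not part of the original thread: it builds a `/api/v1/logs` query filtered on the client ID and tallies the non-successful events for that app. The org URL, client ID, and sample events are constructed placeholders, and it assumes the OAuth app appears in each event's `target` list under its client ID.

```python
import json
import urllib.request
from collections import Counter
from urllib.parse import urlencode


def build_logs_url(org_url, client_id, since):
    """System Log API query for events whose target is the OAuth app."""
    params = {"filter": f'target.id eq "{client_id}"', "since": since,
              "sortOrder": "DESCENDING", "limit": 100}
    return f"{org_url}/api/v1/logs?{urlencode(params)}"


def fetch_events(url, api_token):
    """GET one page of events; needs an API token allowed to read the System Log."""
    req = urllib.request.Request(url, headers={
        "Authorization": f"SSWS {api_token}", "Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def summarize_failures(events, client_id):
    """Count (eventType, outcome.reason, actor) for failed events on the app."""
    counts = Counter()
    for ev in events:
        targets = ev.get("target") or []  # target can be null in an event
        if not any(t.get("id") == client_id for t in targets):
            continue
        outcome = ev.get("outcome") or {}
        if outcome.get("result") in ("FAILURE", "DENY"):
            actor = (ev.get("actor") or {}).get("alternateId")
            counts[(ev.get("eventType"), outcome.get("reason"), actor)] += 1
    return counts


# Constructed sample events: placeholder IDs, illustrative eventType/reason values.
CLIENT_ID = "0oaEXAMPLE"
APP = [{"id": CLIENT_ID, "type": "AppInstance"}]
SAMPLE = [
    {"eventType": "app.oauth2.authorize.code", "target": APP,
     "actor": {"alternateId": "admin@client.example"},
     "outcome": {"result": "FAILURE", "reason": "constructed-reason-1"}},
    {"eventType": "app.oauth2.authorize.code", "target": APP,
     "actor": {"alternateId": "me@my-org.example"},
     "outcome": {"result": "SUCCESS", "reason": None}},
    {"eventType": "user.session.start", "target": None,
     "actor": {"alternateId": "admin@client.example"},
     "outcome": {"result": "FAILURE", "reason": "constructed-reason-2"}},
]

if __name__ == "__main__":
    print(build_logs_url("https://example.okta.com", CLIENT_ID, "2024-01-01T00:00:00Z"))
    print(summarize_failures(SAMPLE, CLIENT_ID))
```

The third sample event has no `target`, so a query filtered on `target.id` would not return it; a sign-in that fails before the app is resolved may need a separate search on the actor.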