Hi, I have a spring boot application with frontend in Angular. My okta configuration is of a web app instead of SPA which I believe is required of Okta Auth JS. Is there anyway to still use the library with the Web App config?
In my /token API I get the error
“error”: “invalid_client”,
“error_description”: “Client authentication failed. Either the client or the client credentials are invalid.”
This looks similar to the discussion in this thread, so you may want to check out @erik’s response there: Using authorization code flow for web client with client secret - #2 by erik
1 Like
Hi, yea I’m trying to do something similar with this.
Running auth JS client side so I can get the access token and send it to backend in request header.
The problem that I’m running into is that my configuration of Okta is web app since I have Java backend. The static SPA examples from Eric don’t work in my case due to different configuration.
Would be really helpful if there’s any way out in this scenario.
Thanks!
If you are looking to get the tokens returned on the Client side, then you will want to configure a SPA in Okta, so that the /token request can be made using PKCE flow (without a Client Secret, since the request would be visible client side).
Your client side app can then pass the resulting Access Token to your back-end as a Bearer token.
Are you instead trying to receive the tokens server side directly?