Using Postman or Angular to access my Okta-protected Spring Boot service

I have my Spring Boot app protected with Okta with a client ID and client secret.
When I am trying to access the API through the browser, I get redirected to the Okta login page, and after logging in my requests work.
However, this won’t work with Postman, obviously, and I am struggling with how I can perform authentication when calling my Spring Boot service from Postman or Angular. I probably need the access token and refresh token but do not know exactly how.
I would be very thankful for a simple step-by-step guide on how to call my API from Postman and/or from Angular; the existing documentation is confusing for me.

Hi @advii

To access the application through Postman, you will need to do the following:

  1. Authenticate the user through API and pass the MFA challenge if required in order to get a sessionToken.
  2. Pass the sessionToken as a query parameter to the /authorize endpoint as shown here; this request will authenticate and authorize the user, sending the details to the Spring Boot application.

Still not clear.

What am I doing wrong here?
I use this call in Postman:

{{url}}/oauth2/v1/authorize?client_id=0oa213871t9STk5R8357&response_type=id_token&scope=openid&prompt=none&redirect_uri={{url}}/login/oauth2/code/okta&state&nonce=n-0S6_WzA2Mj&sessionToken=20111kdYrnEnVoqLoOjl9_OY1cpHO5jeTmB4zMqLmf2ofRvrNXbxtUG

and I get an HTML response (why? why not JSON?) saying that I have to enter the redirect_uri as it is in the application details. So in my application details it is: http://localhost:8080/login/oauth2/code/okta. Whether I put it like this or use my domain instead of localhost, I still get the redirect_uri error!

Hi @advii

The redirect_uri that you are passing on the /authorize endpoint needs to be added in Okta under Admin >> Applications >> your OIDC application >> General tab >> Login Redirect URIs section. Can you please add it and try once again?

f… me why is this process so complicated. I so hate it already.
And again, why, even though I specify prompt = none, do I get HTML content?!

Those are my settings:

Login redirect URIs:
  http://localhost:8080/login/oauth2/code/okta
  https://oidcdebugger.com/debug
Logout redirect URIs:
Login initiated by: App Only
Initiate login URI: http://localhost:8080/login/oauth2/code/okta

Btw, the call works in the OIDC Debugger webpage, but only with the oidcdebugger.com/debug redirect URI, not with the first one.
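
As an added example (not part of any post in this thread, and not Okta's code): a JavaScript helper, runnable under Node, that compares a redirect_uri with the Login redirect URIs listed above and builds the /authorize query with every value percent-encoded. The function names, the example.okta.com base URL and the credential placeholders are assumptions, and exact-string comparison is assumed as the matching rule.

```javascript
// Added example; REGISTERED, checkRedirectUri and buildAuthorizeUrl are hypothetical names.
// Login redirect URIs as listed in the application settings quoted in the thread.
const REGISTERED = [
  "http://localhost:8080/login/oauth2/code/okta",
  "https://oidcdebugger.com/debug",
];

// Exact-string check (assumed matching rule). On a mismatch, name the URL
// components that differ from the closest registered entry.
function checkRedirectUri(candidate, registered = REGISTERED) {
  if (registered.includes(candidate)) return { ok: true, diffs: [] };
  const sent = new URL(candidate);
  const parsed = registered.map((r) => new URL(r));
  // Closest entry: one with the same path if there is one, else the first.
  const near = parsed.find((r) => r.pathname === sent.pathname) || parsed[0];
  const diffs = ["protocol", "hostname", "port", "pathname", "search"]
    .filter((k) => sent[k] !== near[k])
    .map((k) => `${k}: sent "${sent[k]}", registered "${near[k]}"`);
  // URL parsing normalises case and default ports, so the parts can look equal
  // while the raw strings still differ.
  if (diffs.length === 0) diffs.push("same URL after normalisation, different raw string");
  return { ok: false, diffs };
}

// Build the /authorize request only when redirect_uri passes the check.
// URLSearchParams percent-encodes every value, including the redirect_uri.
function buildAuthorizeUrl(oktaBase, { clientId, redirectUri, state, nonce, sessionToken }) {
  const check = checkRedirectUri(redirectUri);
  if (!check.ok) throw new Error("redirect_uri not registered: " + check.diffs.join("; "));
  if (!state || !nonce) throw new Error("state and nonce must be non-empty");
  const query = new URLSearchParams({
    client_id: clientId, response_type: "id_token", scope: "openid", prompt: "none",
    redirect_uri: redirectUri, state, nonce, sessionToken,
  });
  return `${oktaBase}/oauth2/v1/authorize?${query}`;
}

// Constructed sample call; the domain and all credential values are placeholders.
const sampleUrl = buildAuthorizeUrl("https://example.okta.com", {
  clientId: "CLIENT_ID_PLACEHOLDER", redirectUri: REGISTERED[0],
  state: "state-constructed", nonce: "nonce-constructed",
  sessionToken: "SESSION_TOKEN_PLACEHOLDER",
});
console.log(sampleUrl);
```

Running `checkRedirectUri` on the exact value sent in a failing request shows which component (scheme, host, port or path) differs from the registered entry.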