Using the '/api/v1/users/me' endpoint with Bearer tokens

Hi,

I’m trying to access the user information of the user logged in using OAuth bearer tokens but it always returns nil for some reason.

This is my OAuth config on my server:

oktaOauthConfig = &oauth2.Config{
	RedirectURL:  opts.DomainName + "/authorization-code/callback",
	ClientID:     mustLoadToken(opts.OktaOauthClientIDFile),
	ClientSecret: mustLoadToken(opts.OktaOauthClientSecretFile),
	Scopes:       []string{},
	Endpoint: oauth2.Endpoint{
		AuthURL:   opts.OktaOauthIssuer + "/v1/authorize",
		TokenURL:  opts.OktaOauthIssuer + "/v1/token",
		AuthStyle: oauth2.AuthStyleInParams,
	},
}

And this is the GET request I make:

API URL: https://${my_company}.okta.com/api/v1/users/me

Header:
Content-Type:application/json
Authorization:Bearer ${{access_token}}

And these are my application's Okta API Scopes (not sure how these actually work):

What am I missing, or what do I need to do to make the API not return nil? Any information would be massively appreciated.

is equal to https://${my_company}.okta.com/oauth2/default

Your issuer MUST be https://OktaDomain (without /oauth2/authorizationServerId) in order to get tokens back with these claims. This ensures you are using the Org Authorization Server, which is the only authorization server that supports these claims.

More info in our OAuth for Okta guide.

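Added example, not part of the original thread and not Okta's code: a Go check for the point made in the reply above. It rejects an issuer that carries an /oauth2/<authorizationServerId> path and derives the Org Authorization Server endpoints, which sit under /oauth2/v1 on the bare domain. `OrgEndpoints` and `example.okta.com` are illustrative names.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// OrgEndpoints checks that issuer is an Okta Org Authorization Server
// (a bare https://<okta-domain> with no /oauth2/<authorizationServerId> path)
// and returns the authorize and token URLs to use with it.
// The function name and error text are illustrative, not part of any Okta SDK.
func OrgEndpoints(issuer string) (authURL, tokenURL string, err error) {
	u, err := url.Parse(issuer)
	if err != nil {
		return "", "", fmt.Errorf("parse issuer: %w", err)
	}
	if u.Scheme != "https" || u.Host == "" {
		return "", "", fmt.Errorf("issuer %q must be an absolute https URL", issuer)
	}
	if path := strings.Trim(u.Path, "/"); path != "" {
		// e.g. /oauth2/default is a custom authorization server, which per
		// the reply above does not issue tokens with the Okta API claims.
		return "", "", fmt.Errorf("issuer %q has path %q: not the Org Authorization Server", issuer, path)
	}
	// The org server's endpoints live under /oauth2/v1, so appending
	// "/v1/authorize" to the bare domain (as the posted config does) is wrong.
	base := "https://" + u.Host + "/oauth2/v1"
	return base + "/authorize", base + "/token", nil
}

func main() {
	// Constructed sample issuers; example.okta.com is a placeholder domain.
	for _, iss := range []string{
		"https://example.okta.com/oauth2/default",
		"https://example.okta.com",
	} {
		a, t, err := OrgEndpoints(iss)
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Println("authorize:", a, "token:", t)
	}
}
```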
