V1/token is returning 401 unauthorized

I am trying to implement the Authorization code PKCE flow in my angular application

Here is how my /Authorize call looks like

https://{domain}/oauth2/auspx13uvj6xxxxxxxxx/v1/authorize?response_type=code&client_id=0oap5zbsyzbxxxx&state=F1ZiLJvZJ4RSReb6Ks-NuSCfsjqhr1KYx9YjFQXOIJR8D&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Flogin&scope=openid%20groups%20profile%20email&code_challenge=n_BCC0MF4Bs7Yd2GaAtycxxxxxxS_MF3-8wBc&code_challenge_method=S256&nonce=F1ZiLJvZJ4RSReb6Ks-NuSCfsjqhr1KYx9Yxxxx

In the redirect I get the Authorization_code back

http://localhost:4200/login?code=6og7fphNBXShxxxxxxx&state=F1ZiLJvZJ4RSReb6Ks-NuSCfsjqhr1KYx9YjFQXOIJR8D

When the /token call goes out to get the access token I keep getting 401 unauthorized error not sure why.

https://{domain}/oauth2/auspx13uvj6eHxxxxx/v1/token
the error is:
{“error”:“invalid_client”,“error_description”:“No client credentials found.”}

and the parameters are going with the post request

grant_type: authorization_code
code: 6og7fphNBXShxxxxxx
redirect_uri: http://localhost:4200/login
code_verifier: _V-RkYs5k73YWAYGcRL5eV2iyxxxxxxxxoGK
client_id: 0oap5zbsyzbH1xxxxxxxx
https://{domain}/oauth2/auspx13uvj6exxxxxxxxx/v1/token

I have SPA application setup. Not sure if this is the correct application setup in okta for this workflow to work? Can you please point me to the right direction?
here is a screen shot of my OKTA app


Hi @jelbatnigi

The request looks correct, however the 401 means that Okta could not read the values provided. Can you please let me know what is the format in which you are sending the payload to the /token endpoint (application/x-www-form-urlencoded, application/json, etc.)?

Hi dragos,
I just found out the problem. I am using an interceptor in my app so I can intercept any http call and attach the Bearer token in my header for autherization with my APIs.
so the /token call was getting intercepted and adding “Authorization: Bearer null” to the header causing it to fail.
now I need to make sure I intercept the right calls.

Thanks!

hi @jelbatnigi so i have the same please problem, please help me share how can you solve it?
thanks