We are using OKTA OpenId Connect rest API for authentication, when I call /oauth2/v1/authorize with session token, client id and other parameters I am getting html form as response with token and other response parameters as hidden fields

mcguinness · July 25, 2017, 10:16pm

The format of the authorization response is controlled via the response_mode parameter. Okta supports several modes including query, fragment, form_post, and okta_post_message (proprietary).

The authorization endpoint is not a JSON API. Its intended to be a front channel endpoint that you redirect the browser to. The token endpoint is the back channel endpoint that returns JSON.

Are you trying to use OIDC from a Single Page App? If so, you might want to look at using okta_post_message which can use HTML5 PostMessage with a hidden iframe.

Post		Replies	Views
Issues in getting the access token OAuth/OIDC	2	4357	November 14, 2018
Browserless Session Token => Authorization Code Exchange OAuth/OIDC	2	3190	June 17, 2022
Connected to AuthenticationClient how to retrieve JWT token? OAuth/OIDC	2	2720	September 20, 2022
Calling outh2/v1/authorize api from java redirects to login.html url Questions	3	3752	June 3, 2021
Need help with hitting okta /authorize endpoint for access token OAuth/OIDC	2	3230	September 20, 2022

We are using OKTA OpenId Connect rest API for authentication, when I call /oauth2/v1/authorize with session token, client id and other parameters I am getting html form as response with token and other response parameters as hidden fields

Related topics