The product we integrated with okta, in a recent iteration used a new okta issuer with some extral scopes, and configured the new issuer to build okta-client in our code. We use okta-js-auth and okta-react packages in our codebase, and when fetching the token, we found that we were still using the old issuer, after emptying localStorage this error does not happen again. I would like to know how Okta auth client gets the issuer to get the Token, why it is not getting the issuer configured in my code, it is randomly getting it from okta-cache-storage in localstorage?
we config in code base is : https://xxxx.okta.com/oauth2/xxxgD0h8
old issuer: https://xxxx.okta.com/oauth2/default
Parsing the token when facing auth error and find the iss:
And okta-cache-storage: