Why okta-auth-js use old issuer but not the new one I config in codebase to auth and get token?

The product we integrated with okta, in a recent iteration used a new okta issuer with some extral scopes, and configured the new issuer to build okta-client in our code. We use okta-js-auth and okta-react packages in our codebase, and when fetching the token, we found that we were still using the old issuer, after emptying localStorage this error does not happen again. I would like to know how Okta auth client gets the issuer to get the Token, why it is not getting the issuer configured in my code, it is randomly getting it from okta-cache-storage in localstorage?

we config in code base is : https://xxxx.okta.com/oauth2/xxxgD0h8
old issuer: https://xxxx.okta.com/oauth2/default

Parsing the token when facing auth error and find the iss:


And okta-cache-storage:

Did you try clearing cache/cookies between tests?

Clear the local-storage worked, it seems like need to clear the cache when the app initialize every time to avoid this

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.