Working Python/Flask resource server?

I have successfully managed to set up a SPA (Vue). Also I managed to get the sample Node resource-server to run, and display the sample “messages”.

Now, I tried to use a Flask Python script to act as resource-server. To that end I tried creating a new application and downloaded the code sample from there (and later adapted the client id etc.). However I found that this code sample doesn’t quite work, e.g. I had to manually insert CORS management into the code, and then it would still fail with some SSL library issue.

So I went and grabbed the code from here: samples-python-flask/ at master · okta/samples-python-flask · GitHub

Adapted the client_secret_json. Left “client secret” blank as not this is not applicable for the SPA with PKCE I believe.

Anyway, I can’t get this one to run; while the resource server successfully does run in the background, I still get 401 unauthorized responses when trying to access the ‘messages’ section in the Vue frontend.

Does anybody have a Flask/Python code snippet that runs out of the box, or give me a hint on how to get it to run?

Thank you!!


I don’t work with Python, but what you can have, is just a JWT verifier in your resource server, which will check, if any access to protected resources on your server is accompanied by an access token, sent by your frontend.

So make your fronted to log into okta OIDC app and get an access token, which you will then send as a Bearer header to your backend. Then your backend will do whatever I wrote above


Phi1ipp nailed it. And Okta actually JUST released our Python JWT verifier here:

1 Like