You are not allowed to access this app. okta-angular-oie-sample-quickstart

I am trying to use the self hosted js widget, however when I use the okta-angular-oie-sample-quickstart I get the error:
“You are not allowed to access this app. To request access, contact an admin.”
this comes back from a POST to /idp/idx/identify made by the Okta js library which returns 401.
However when I use the same clientId and user with the redirect method the authentication succeeds.

I have double checked the set up instructions and cannot see any differences in my dev Okta instance.

Also in the system logs I see the following three events:
[Evaluation of sign-on policy][ALLOW]
[User login to Okta][SUCCESS]
[User single sign on to app][SUCCESS]

which might imply that the login was successful, however I get the above error and get bounced back to the widget login prompt.

Does anyone have any suggestions about what I can investigate or even better, what am I doing wrong.

If anyone else comes across this error for these Interaction Code flows, there are three places to enable it.

  1. On the org itself (otherwise you can’t set the next two)
  2. On the authentication server (this was missing for me)
  3. On the application

It is a shame the system logs did not indicate the failure in some way.

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.