How do I request an access token for a specific resource? Skip to main content
https://support.okta.com/help/answers?id=9062a000000dfklqaw&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Cletis GipsonCletis Gipson 

How do I request an access token for a specific resource?

i have several client applications (web app) and several (APIs).  Each app can call a select set of those APIs.  Is there a way, that I can protect each api.  Say by having my client apps request an access token for a specific api?  And passing along the user information in the access token?
Adina EnacheAdina Enache (Vendor Management)
Hi Cletis,

Thank you for reaching out to Okta community.
The documentation shown for the Okta API Management should be able to assist you with this. Take a look here: https://support.okta.com/help/Documentation/Knowledge_Article/API-Access-Management
I recommend opening a Customer Support ticket if you want that feature to be activated.


Best regards,

Adina Enache 
Okta Support
Cletis GipsonCletis Gipson
That didn't really answer my question.  I have looked over all the documentation and videos.

Lets say my .NET app, requires access to two separate apis.  How do I handle that configuration in okta?  Do I have two different authorization servers or one?  As in the .net example, I dont really see a way to request an access token from another "authorization server".

Basically we are going to have multiple .net apps and multipe apis.  These apps need to be able to call the apis on behalf of the user.  Each app will have a certain subset of the apis that is allowed to call.  

I am sure someone has done this before, I am just not sure how to mimic that in okta.  The documentation is very basic and does not really go into more advanced scenarios.

Is there an example of something like this that I can look at?
Adina EnacheAdina Enache (Vendor Management)
Hi Cletis,


You will need separate OIDC in Okta for every web app and for every API you will need an authorization server. 
For a deeper understanding of your configuration and desired functionality, please open a support ticket via https://support.okta.com/help/open_case so we can better assist you.




Thank you,

Adina Enache
Okta support
Dylann FezeuDylann Fezeu (Customer First Programs)
Hello,

Thanks for posting your inquiry in Okta Community Portal.

​If you receive a great answer to your question(s), please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer." 

Thank you,

​Dylann Fezeu
OHC Team