I am trying to implement the OAuth 2.0/OIDC using Okta as Identity Provider. I have successfully created the authorization server but I have run into a problem when trying to reach the token retrieval endpoint.
"error_description": "One of the system claims could not be evaluated."
Steps to reproduce:
1. User visits the Get Authorization Code endpoint (/v1/authorize) as described in the Postman docs (I get the code and state back as expected)
2. Pass the code to my REST API, which then tries to obtain user tokens from Okta by visiting the Get Access Token With Code endpoint (/v1/token) as described in Postman docs (I get the error posted above as a response)
Question: How can I find out what exactly went wrong?
All the claims in the authorization server are defaults and I didn't tinker with them. I have no idea which one is failing or why. I can retrieve the authorization server metadata from the API but trying to get user tokens keeps failing.
If you need any additional information please do let me know.
This type of issue is best handled by our developer team. You can reach them at firstname.lastname@example.org. Please provide them with as much information as possible. More information about this topic can be found in our documentation at: https://developer.okta.com/use_cases/authentication/