OpenID Connect URLs Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Anton DamianiAnton Damiani 

OpenID Connect URLs

I am trying to build an application using OpenID Connect. My resource server  needs to know the authentication url and token url for Okta. I cant find these values. How can i find these values?
Paul AuerPaul Auer (Okta, Inc.)

Thank you for contacting Okta Support.

The authorization to use resources is done via Access Token. The Access Token is used to provide information about a user, as what resources he has the right to access.
Both ID Token and Access Token are JWT  (JSON Web Tokens) and they are decoded to obtain the user's information. ID Token and Access Token are obtained via REST endpoints.

For more information about OpenID Connect, please refer to our documentation:

Thank you,
Paul Auer
Technical Support Engineer | Okta
Derrick CreamerDerrick Creamer
This was not a very helpful response:  "ID Token and Access Token are obtained via REST endpoints."
Like Anton, I don't see any documentation for WHERE those endpoints are. What is the URL?

The 2 pieces of documentation you linked MIGHT contain the answer, but it's hard to know without reading a LOT of extra (seemingly irrelevant) text.
For example, the 2nd one eventually leads me to this: " /oauth2/:authorizationServerId/v1/authorize"
What is :authorizationServerId? It seems to be unrelated to simply using OpenId Connect to log on using Okta.

Could you elaborate on this response? Thank you.
(Also, I clicked the thumbs-down and then realized I couldn't change it back to neutral or thumbs-up.)
Derrick CreamerDerrick Creamer
I've found the answer to my question, and perhaps the answer to Anton's question as well:
The auth code endpoint is at https://<okta organization URL>/oauth2/v1/authorize
and the token endpoint is at https://<okta organization URL>/oauth2/v1/token
where <okta organization URL> is either like "" or "".