<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Okta Custom HTTP OAuth Connector Fails Authentication after Attempting to Refresh the Token
Mar 12, 2026
Workflows
Okta Classic Engine
Okta Identity Engine
Overview

This article explains why a custom HTTP OAuth connector is unable to refresh the token and fails authentication after the initial token expires.

Applies To
  • Okta Workflows
  • HTTP OAuth connector
Cause

The scopes defined for the custom HTTP OAuth connector do not allow token refresh.

Solution
  1. Click re-authorize HTTP connector from Workflows > Settings screen.

  2. Add offline_access (or whatever the vendor has provided that allows for token refresh) as part of the scopes defined for the HTTP OAUTH connector.  Scopes are generally added as a space or comma-delimited set of scopes.

  3. Add the rest of the URL/credentials information.

  4. Click save (if the service provider supports the offline_access scope, the authorization screen will appear; if not, an error will show. If so, contact the vendor to determine their scope for this access).

Recommended content

Still looking for help?
Loading
Okta Custom HTTP OAuth Connector Fails Authentication after Attempting to Refresh the Token