When attempting an authorization request, the service provider or relying party displays the following error message:
The response type is not supported by the authorization server. Configured response types: [code, id_token]
- OAuth 2.0
- OpenID Connect (OIDC)
- Okta Applications (General Settings)
- Custom Authorization Servers (Access Policies)
This issue occurs because the specific grant type required for the OAuth/OIDC flow being used is not enabled in the Okta application's General Settings or within the Access Policies of a Custom Authorization Server. The response_type parameter in the authorization request does not align with the configured grant types on the Okta side.
1. Enable the required Grant Type in Okta Application Settings:
- Access the Okta Admin Console.
- Navigate to the application.
- Go to the General Settings tab.
- Under General Settings, locate the "Grant type" section and enable the grant type corresponding to the OAuth/OIDC flow that the service provider/relying party is implementing (for example, "Authorization Code," "Implicit," "Hybrid").
2. Enable Grant Type in Custom Authorization Server Access Policies (if applicable):
- If using a Custom Authorization Server, navigate to Security > API in the Okta Admin Console.
- Select the Custom Authorization Server.
- Go to the Access Policies tab.
- Select the relevant policy and Edit Rule.
- Ensure the necessary grant type is enabled within the policy rule.
3. Verify response_type in the Application's Authorization Request:
- After configuring the settings in Okta, confirm that the application is passing the correct response_type value(s) in its authorization request, matching the enabled grant types. For example:
  - For Authorization Code Flow, use response_type=code.
  - For Implicit Flow, use response_type=id_token or response_type=token id_token.
  - For Hybrid Flow, use response_type=code id_token.
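As an added example (not part of the Okta article and not Okta's code), a small Python pre-flight check for step 3: it parses the configured response types out of the error text quoted above, tells you whether a given response_type, or the one found in a captured authorization request URL, would pass, and names the grant type that still needs enabling. The mapping of response_type components to grant-type toggles, the rule that every component of a multi-valued response_type must be enabled, and the sample URL are assumptions, not taken from the article.

```python
import re
from urllib.parse import parse_qs, urlparse

# response_type values for each flow, as listed in the article.
FLOW_RESPONSE_TYPES = {"authorization_code": ["code"],
                       "implicit": ["id_token", "token id_token"],
                       "hybrid": ["code id_token"]}
# Assumption (constructed, not from the article): the grant-type setting that
# each response_type component depends on.
COMPONENT_GRANT = {"code": "Authorization Code", "id_token": "Implicit", "token": "Implicit"}

def parse_configured(error_text: str) -> set[str]:
    """'... Configured response types: [code, id_token]' -> {'code', 'id_token'}."""
    m = re.search(r"Configured response types:\s*\[([^\]]*)\]", error_text)
    if not m:
        raise ValueError("error text does not list configured response types")
    return {t.strip() for t in m.group(1).split(",") if t.strip()}

def missing_components(response_type: str, configured: set[str]) -> list[str]:
    """Assumes every space-separated component must be enabled, so 'token id_token'
    fails against {code, id_token} even though 'id_token' alone would pass."""
    return [c for c in response_type.split() if c not in configured]

def diagnose(response_type: str, error_text: str) -> dict:
    """Report whether the request would be accepted and which grant types to enable."""
    missing = missing_components(response_type, parse_configured(error_text))
    enable = sorted({COMPONENT_GRANT.get(c, f"unknown component '{c}'") for c in missing})
    return {"response_type": response_type, "accepted": not missing,
            "missing": missing, "enable": enable}

def check_request(authorize_url: str, error_text: str) -> dict:
    """Pull response_type out of a captured authorization request URL and diagnose it."""
    rt = parse_qs(urlparse(authorize_url).query).get("response_type")
    if not rt:
        raise ValueError("authorization request has no response_type parameter")
    return diagnose(rt[0], error_text)

if __name__ == "__main__":
    # Constructed sample: the article's error text and a hypothetical request URL.
    ERROR = ("The response type is not supported by the authorization server. "
             "Configured response types: [code, id_token]")
    URL = ("https://example.okta.com/oauth2/default/v1/authorize?client_id=CLIENT_ID_PLACEHOLDER"
           "&response_type=token+id_token&scope=openid&redirect_uri=https%3A%2F%2Fapp.example%2Fcb")
    for flow, variants in FLOW_RESPONSE_TYPES.items():
        for rt in variants:
            print(flow, rt, diagnose(rt, ERROR))
    print(check_request(URL, ERROR))
```

Against the configured list from the error above, code, id_token and code id_token pass while token id_token is reported as missing the Implicit-dependent token component.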