A user receives the following error message when are redirected to the /authorize endpoint.  No detailed error description appears on the page. This issue typically occurs during an attempt to initiate an OpenID Connect(OIDC) authentication flow.

400 Bad Request 

• OIDC Application

The authorization request is invalid due to a misconfiguration in the authorized URL or within the application settings in Okta. If no error description appears on the page, see if the redirect_uri provided is unrecognized the usual issue is with the client_id.

Perform the following checks to resolve the error:

1. Verify the application status in the Okta Admin Console. Ensure the OIDC application is set to Active.
2. Check if the valid client_id is provided in the request.
3. Confirm the client_id is associated with the specific Okta organization subdomain where the request is made.
4. Ensure the client_id matches the value in the Admin Console exactly, as these values are case-sensitive.
5. Verify that no extraneous spaces exist in the client_id or other request parameters.

Related References

• Error "400 Bad Request" - The redirect_uri Parameter Must Be a Login Redirect URI in the Client App Settings