An error is returned when attempting to configure a new OpenID Connect (OIDC) Web Application for Single Sign-On (SSO). The response from the server is missing the expected "code" value, and the following error message is displayed:
The+authorization+server+id+is+invalid
- OpenID Connect (OIDC)
- Custom Authorization Servers
This error occurs when the authorization server is misconfigured in the application's configuration. A common cause is using the default authorization server ID when the application requires a custom authorization server ID.
To resolve this issue, update the application configuration with the correct issuer value from the intended authorization server:
- In the Okta Admin Console, navigate to Security > API.
- Select the Authorization Servers tab.
- Select the name of the custom authorization server required for the application.
- Copy the Issuer URI. NOTE: The value is in the format https://<domain.okta.com>/oauth2/<authServerId>.
- In the external application's OIDC configuration, enter the copied Issuer URI into the issuer field.
- Click Save to apply the changes.
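
The check behind the steps above can be scripted before saving the configuration. The following is an added example, not Okta code: it compares the issuer configured in the application with the Issuer URI copied from the Admin Console and reports when the default authorization server ID was used in place of the custom one. It assumes the error message arrives as the `error_description` query parameter of the callback URL; the function names, finding labels, domain and authorization server ID are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

def classify_issuer(issuer):
    """Classify an issuer against https://<domain>/oauth2/<authServerId>."""
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc or parts.query or parts.fragment:
        return ("malformed", None)
    segs = [s for s in parts.path.split("/") if s]
    if len(segs) == 2 and segs[0] == "oauth2":
        # "default" is the ID the article names as the common wrong value
        return ("default" if segs[1] == "default" else "custom", segs[1])
    return ("unexpected-path", None)

def diagnose(callback_url, configured_issuer, copied_issuer):
    """Return a list of findings for a callback that may be missing 'code'."""
    query = parse_qs(urlsplit(callback_url).query)  # parse_qs turns '+' into spaces
    if "code" in query:
        return []
    findings = []
    desc = query.get("error_description", [""])[0]
    if desc == "The authorization server id is invalid":
        findings.append("auth-server-id-rejected")
    kind, server_id = classify_issuer(configured_issuer)
    want_kind, want_id = classify_issuer(copied_issuer)
    if kind in ("malformed", "unexpected-path"):
        findings.append("issuer-format:" + kind)
    elif kind == "default" and want_kind == "custom":
        findings.append("default-id-used-instead-of:" + want_id)
    elif server_id != want_id:
        findings.append("wrong-auth-server-id:" + server_id)
    if urlsplit(configured_issuer).netloc.lower() != urlsplit(copied_issuer).netloc.lower():
        findings.append("domain-mismatch")
    return findings

# Constructed sample values (not from a real tenant).
CALLBACK = ("https://app.example.com/callback?state=xyz"
            "&error_description=The+authorization+server+id+is+invalid")
CONFIGURED = "https://example.okta.com/oauth2/default"
COPIED = "https://example.okta.com/oauth2/ausEXAMPLE0000000000"

if __name__ == "__main__":
    for finding in diagnose(CALLBACK, CONFIGURED, COPIED):
        print(finding)
```

An empty list means the callback carried a `code`; any `issuer-format` or `default-id-used-instead-of` finding points back to the issuer field in the application's OIDC configuration.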
