OAuth 2.0 Re-authentication Fails With 503 Error for Okta SCIM Provisioning
Last Updated:
Overview
When attempting to re-authenticate a System for Cross-domain Identity Management (SCIM) connection for a custom Okta application after updating an expired client secret, the re-authentication process fails. A pop-up window appears, displaying a 503 error or a completely blank screen, along with an empty bullet-point error message under the Re-authenticate button. Consequently, attempts to push users or groups fail. This issue is resolved by performing re-authentication in Google Chrome.
Applies To
- Okta Identity Engine (OIE)
- Classic Engine
- System for Cross-domain Identity Management (SCIM)
- OAuth 2.0 Authentication
- Browser Compatibility
Cause
This behavior is typically caused by browser-specific restrictions, cookie handling, or script blocks that affect the OAuth 2.0 re-authentication pop-up window in certain non-Chrome browsers.
Solution
How is the SCIM connection re-authenticated successfully?
Use Google Chrome to successfully re-authenticate the SCIM connection and bypass browser-specific restrictions.
- Open a Google Chrome browser window. Using an Incognito window is recommended to prevent cached credentials from interfering.
- Log in to the Okta Admin Console.
- Go to Applications > Applications and select the custom SCIM application.
- Select the Provisioning tab and select Integration from the left menu.
- Enter the updated Client ID and Client Secret under the OAuth 2.0 section.
- Select Save.
- Select Re-authenticate and complete the authorization flow in the resulting pop-up window.
