MarioS.26004 (Customer) asked a question.
I am creating a .NET Core Web Api to be consumed by my application tenants.
In Okta, I created a Service Application, intended to have 1 application for each of my tenant to make sure client_id and secret will not be shared. The client_id and secret from Okta will be given to my tenant and pass through my Web Api to get 'client_credentials'.
I wanted my application to be able to check, that if the 'client_credentials' is about to expire, my Web Api will automatically request for the new 'client_credentials' using the supposed to be 'refresh_token'.
When I try to pass 'refresh_token' as 'grant_type', I'm getting an error: The client is not authorized to use the provided grant type. Configured grant types: [client_credentials].
How do I get 'refresh token' for Service Application? Is this even possible?
Greetings !
This is Andrei on behalf of Okta's Customer Support!
Be sure to specify refresh_token as a data_type value for the grant_type parameter.
Alternatively, after you set up an application, you can select the Refresh Token option for Allowed grant types on the General Settings tab in the Admin Console.
Please also check this documentation: https://developer.okta.com/docs/guides/refresh-tokens/overview/ and consider to open a support ticket if you need further assistance with this matter.