mexnf (mexnf) asked a question.
I have tried to create an application under my specific developer domain, for example, dev-a.okta.com, with sign-in method OIDC connect and type of web application.
And I hope I can get access/refresh token from users of different dev domain like dev-b.okta.com by using this application with authorization code grant flow.
But I failed with bad request without any detail reason.
So my question is: is it possible to achieve the flow like that or should I use another grant flow like client credentials.?
Thanks and here is the setting I use for testing, hope it's helpful.
{
"auth_uri": "https://dev-b.okta.com/oauth2/v1/authorize",
"client_id": "client_id of the app in dev-a",
"client_secret": "client secret of the app in dev-b",
"redirect_uri": "http://localhost:8080/authorization-code/callback",
"issuer": "https://dev-b.okta.com/oauth2",
"token_uri": "https://dev-b.okta.com/oauth2/v1/token",
"userinfo_uri": "https://dev-b.okta.com/oauth2/v1/userinfo"
}
Hello @mexnf (mexnf)
For specific details applied to your specific use case feel free to post this question on our Okta Developer Forums: https://devforum.okta.com, this is a place for the Okta developer community to interact.
Hi Daniela,
I had post on forum yesterday as well.
Thanks for your information.