<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D54z00008hzyvOCAQOkta Classic EngineAPI Access ManagementAnswered2024-04-02T16:23:39.000Z2023-01-23T07:19:10.000Z2023-01-24T09:26:23.000Z

YashS.48364 (Customer) asked a question.

Implementing OAuth2 for Okta Integration POC

I want to add OAuth2.0 support to get logs, users, groups & apps data from Okta.

I created an App with the "OIDC - OpenID Connect" option and assigned the scopes - okta.users.read, okta.groups.read, okta.logs.read, okta.apps.read

While doing API call to /authorize endpoint, the parameters passed are - response_type, state, redirect_uri, and client_id

But I am getting an error saying `error=invalid_scope&error_description=No+scopes+were+requested.`

Do I always need to pass the scope parameter in the requesting API, even when the scopes are already defined in the Application created in Okta?

Is there a way to not pass the scope parameter in the API and still get the expected results?


  • JaniK.29243 (Customer)

    @YashS.48364 (Customer)​,

     

    like from this page you can tell, you have to specify "openid" scope whenever you're trying to retrieve ID tokens. With the application scope settings you're simply granting access to the user data.

     

    -Jani

    Expand Post
  • YashS.48364 (Customer)

    Thanks @JaniK.29243 (Customer)​ , but what if I don't want to pass the scope parameter in the API call at all?

    I just want to utilize the scopes which are granted in the Okta application and get an access token with all those scopes. Is it possible?

This question is closed.
Loading
Implementing OAuth2 for Okta Integration POC