s8los (s8los) asked a question.
Okta API request with OktaAccessGateway-Agent header results as unauthorized response
I have issue to setup Okta Access Gateway (on local Oracle VirtualBox) to work with my Okta developer env as Idp. In the OAG logs i have found that request from OAG includes OktaAccessGateway-Agent: OAG (some_identifier) header. When sending exactly the same request to the API from the Postman with this header disabled i get correct response.
What configuration I’m missing on Okta API token side? Or this is something else?
Hi @s8los (s8los) , Thank you for reaching out to the Okta Community!
I ran this by my OAG colleagues and we would need to take a closer look at your implementation to understand if this is a misconfiguration or a limitation, as not everything can be done via API.
Please open a case so they can review this together with you and clarify the situation.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
As suggested by SME in my company, I've changed the roles of the Okta user that was used to generate API token from Org Admin and App Admin to Super Administrator and generated a new token. Now i can setup my developer Okta as an IdP in my local Okta Access Gateway. But then i run in exactly the same issue when creating an app in OAG - it says internal error... and in logs i see that request from OAG to Okta returns unauthorized (401). Exactly the same request from Postman to Okta API, but with 'OktaAccessGateway-Agent' header disabled returns o.k. (200) and the app is created in Okta.