<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z0000ABxDVkCQNOkta Identity EnginePrivileged AccessAnswered2024-07-31T17:18:59.000Z2024-07-26T18:49:03.000Z2024-07-31T17:18:59.000Z

PAminA.35885 (Customer) asked a question.

July 26, 2024 at 6:49 PM
getting Unexpected response status (400 BadRequest) for request URI https://OurDominname.okta.com/oauth2/v1/token

after try to update Okta agent to the latest version 3.18 we found server status showing Disruption status and agent is not updated, below is the log after getting this issue:

2024/07/23 17:32:32.846-05:00 Info -- Servername(5) -- Fetching a new access token

2024/07/23 17:32:33.565-05:00 Info -- Servername(5) -- POST: https://OurDominname.okta.com/oauth2/v1/token

2024/07/23 17:32:33.799-05:00 Info -- Servername(5) -- Request to OurDominname.okta.com resolved to X.X.X.X

2024/07/23 17:32:33.846-05:00 Info -- Servername(5) -- GetResponse starting, CurrentConnections:1, ConnectionLimit:10, Timeout:100000, ReadWriteTimeout:300000, KeepAlive:True, ConnectionLeaseTimeout:300000.

2024/07/23 17:32:34.284-05:00 Info -- Servername(5) -- X-Okta-Request-Id: f527408ec0036a6488a22ccf35042f89

2024/07/23 17:32:34.331-05:00 Info -- Servername(5) -- Unexpected response status (400 BadRequest) for request URI https://OurDominname.okta.com/oauth2/v1/token

2024/07/23 17:32:34.581-05:00 Info -- Servername(5) -- Response from server: {"error":"invalid_dpop_proof","error_description":"The DPoP proof JWT is issued in the future."}

2024/07/23 17:32:34.862-05:00 Error -- Servername(5) -- Could not fetch a new access token

2024/07/23 17:32:35.003-05:00 Info -- Servername   at Okta.Api.RestClient.OnResponseError(String url, HttpWebRequest request, HttpWebResponse response)

   at Okta.Api.RestClient.OnResponseError(HttpWebRequest request, HttpWebResponse resp)

   at Okta.Api.RestClient.DoRequest(String method, Uri uri, String requestBody, String contentType, String accept, Encoding encoding)

   at Okta.Api.RestClient.FormPost(String accept, Dictionary`2 formParams, UriTemplate template, String[] args)

   at Okta.Api.Authentication.JwtAuthenticationProvider.GetAccessToken()

   at Okta.Api.Authentication.JwtAuthenticationProvider.<GetAccessTokenAsync>b__24_0()

Okta.Api.OktaApiException received with message Unexpected status code 400 BadRequest for URL https://OurDominname.okta.com/oauth2/v1/token Source=OktaWebAPI InnerException=.

  • 3 answers
  • 769 views

  • Paul S. (Okta, Inc.)

    Hello @PAminA.35885 (Customer)​ Thank you for posting on our Community page!

     

    I would recommend to completely uninstall the old agent and remove any files left over by it and then do a fresh reinstall. Please see our doc on this below:

    https://help.okta.com/en-us/content/topics/directory/ad-agent-uninstall.htm#:~:text=In%20Windows%2C%20select%20StartControl,the%20Okta%20AD%20Agent%20folder.

     

    Thank you for reaching out to our Community and have a great day!

    --

    Help others in the community by liking or hitting Select as Best if this response helped you.

    Expand Post

  • PAminA.35885 (Customer)

    Hi Paul, Thanks for your response, I followed the steps and removed and add the agents again, Agent showing latest version but status is Inactive. I have two mentioned two agent has this issue.

     

    Below you can find the new log:

    2024/07/29 12:02:22.656-04:00 Info -- ServerName(8) -- Sending INIT message to Okta

    2024/07/29 12:02:22.672-04:00 Info -- ServerName(8) -- POSTing ActionResult to Okta. actionReceivedFromOkta: 1/1/0001 12:00:00 AM, actionSentToLdapServer: 1/1/0001 12:00:00 AM, responseReceivedFromLdapServer: 1/1/0001 12:00:00 AM, responseSentToOkta: 7/29/2024 12:02:22 PM

    2024/07/29 12:02:22.687-04:00 Info -- ServerName(8) -- POST: https://Domain.okta.com/api/1/internal/app/activedirectory/0oa1hr8a5nwVtQDsV0h8/agent/a531xu19fsyzR64Op0h8/actionResult?agentVersion=3.18.0.0

    2024/07/29 12:02:22.703-04:00 Info -- ServerName(16) -- Fetching a new access token

    2024/07/29 12:02:22.750-04:00 Info -- ServerName(16) -- POST: https://Domain.okta.com/oauth2/v1/token

    2024/07/29 12:02:22.797-04:00 Info -- ServerName(16) -- Request to Domain.okta.com resolved to X.X.X.X

    2024/07/29 12:02:22.812-04:00 Info -- ServerName(16) -- GetResponse starting, CurrentConnections:1, ConnectionLimit:10, Timeout:100000, ReadWriteTimeout:300000, KeepAlive:True, ConnectionLeaseTimeout:300000.

    2024/07/29 12:02:23.078-04:00 Info -- ServerName(16) -- X-Okta-Request-Id: bbee4283add208650fff3eb40ade13d5

    2024/07/29 12:02:23.094-04:00 Info -- ServerName(16) -- Unexpected response status (400 BadRequest) for request URI https://Domain.okta.com/oauth2/v1/token

    2024/07/29 12:02:23.109-04:00 Info -- ServerName(16) -- Response from server: {"error":"invalid_dpop_proof","error_description":"The DPoP proof JWT is issued in the future."}

    2024/07/29 12:02:23.125-04:00 Error -- ServerName(16) -- Could not fetch a new access token

    2024/07/29 12:02:23.141-04:00 Info -- ServerName  at Okta.Api.RestClient.OnResponseError(String url, HttpWebRequest request, HttpWebResponse response)

      at Okta.Api.RestClient.OnResponseError(HttpWebRequest request, HttpWebResponse resp)

      at Okta.Api.RestClient.DoRequest(String method, Uri uri, String requestBody, String contentType, String accept, Encoding encoding)

      at Okta.Api.RestClient.FormPost(String accept, Dictionary`2 formParams, UriTemplate template, String[] args)

      at Okta.Api.Authentication.JwtAuthenticationProvider.GetAccessToken()

      at Okta.Api.Authentication.JwtAuthenticationProvider.<GetAccessTokenAsync>b__24_0()

    Okta.Api.OktaApiException received with message Unexpected status code 400 BadRequest for URL https://Domain.okta.com/oauth2/v1/token Source=OktaWebAPI InnerException=.

    2024/07/29 12:02:23.141-04:00 Error -- ServerName(8) -- Error sending INIT message

    2024/07/29 12:02:23.156-04:00 Info -- ServerName  at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)

      at Okta.Api.Authentication.JwtAuthenticationProvider.CreateHeaders(String method, Uri uri)

      at Okta.Api.RestClient.MakeRequest(String method, Uri uri)

      at Okta.Api.RestClient.PostObject(Object obj, XmlSerializer serializer, UriTemplate template, Nullable`1 timeout, String[] args)

      at Okta.Api.OktaApi.InitComplete(String instanceId, String agentId, ActionResult result, String agentVersion)

      at Okta.Agent.RequestPoller.SendInit()

      at Okta.Agent.DelegateUtils.<>c__DisplayClass4_0.<DoUntilSuccessOrAbort>g__WrappedToDo|0()

      at Okta.Agent.DelegateUtils.DoUntilSuccessOrAbort[T](Func`1 toDo, String errorMessage, Nullable`1 initialRetrySleep, Int32 maxRetrySleep, Int32 maxRetries)

    System.AggregateException received with message One or more errors occurred. Source=mscorlib InnerException=Okta.Api.OAuthException: Could not fetch a new access token ---> Okta.Api.OktaApiException: Unexpected status code 400 BadRequest for URL https://Domain.okta.com/oauth2/v1/token

      at Okta.Api.RestClient.OnResponseError(String url, HttpWebRequest request, HttpWebResponse response)

      at Okta.Api.RestClient.OnResponseError(HttpWebRequest request, HttpWebResponse resp)

      at Okta.Api.RestClient.DoRequest(String method, Uri uri, String requestBody, String contentType, String accept, Encoding encoding)

      at Okta.Api.RestClient.FormPost(String accept, Dictionary`2 formParams, UriTemplate template, String[] args)

      at Okta.Api.Authentication.JwtAuthenticationProvider.GetAccessToken()

      at Okta.Api.Authentication.JwtAuthenticationProvider.<GetAccessTokenAsync>b__24_0()

      --- End of inner exception stack trace ---

      at Okta.Api.Authentication.JwtAuthenticationProvider.<GetAccessTokenAsync>b__24_0()

      at System.Threading.Tasks.Task`1.InnerInvoke()

      at System.Threading.Tasks.Task.Execute().

    Caused by Okta.Api.OAuthException received with message Could not fetch a new access token Source=OktaWebAPI InnerException=Okta.Api.OktaApiException: Unexpected status code 400 BadRequest for URL https://Domain.okta.com/oauth2/v1/token

      at Okta.Api.RestClient.OnResponseError(String url, HttpWebRequest request, HttpWebResponse response)

      at Okta.Api.RestClient.OnResponseError(HttpWebRequest request, HttpWebResponse resp)

      at Okta.Api.RestClient.DoRequest(String method, Uri uri, String requestBody, String contentType, String accept, Encoding encoding)

      at Okta.Api.RestClient.FormPost(String accept, Dictionary`2 formParams, UriTemplate template, String[] args)

      at Okta.Api.Authentication.JwtAuthenticationProvider.GetAccessToken()

      at Okta.Api.Authentication.JwtAuthenticationProvider.<GetAccessTokenAsync>b__24_0().

    Caused by Okta.Api.OktaApiException received with message Unexpected status code 400 BadRequest for URL https://Domain.okta.com/oauth2/v1/token Source=OktaWebAPI InnerException=.

    Expand Post

    • Paul S. (Okta, Inc.)

      Hello @PAminA.35885 (Customer)​ I would recommend to open a case with Support for additional investigation, not sure exactly what could cause this issue.

This question is closed.
Loading
getting Unexpected response status (400 BadRequest) for request URI https://OurDominname.okta.com/oauth2/v1/token