<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D5KZ000010WH410AGOkta Identity EngineWorkflowsAnswered2025-07-23T12:01:38.000Z2025-07-16T13:08:45.000Z2025-07-23T12:01:38.000Z

Naga KishoreI.14293 (Customer) asked a question.

July 16, 2025 at 1:08 PM
Error while accessing REST API from OKTA Workflows - client error (Connect)

Greetings,

 

I am working on a custom functionality where an OKTA workflow is used to connect to an external system using REST API. The API is sourced from a node JS application running on a windows server machine. I am able to test the API using postman. However, when I use the HTTP raw card to hit a POST request (https://domain:7788/api), I am getting an error while connecting. Can you please help me understand how the issues can be resolved.

 

"message": "client error (Connect)",

"description": "HTTP Error",

"module": "http.raw",

"retry_count": 0

/help/servlet/rtaImage?refid=0EMKZ000000dLKI

 

We confirm the following:

  1. The App server is operational.
  2. API is working from Postman

 

Thank you

  • 3 answers
  • 334 views

  • TimL.58332 (Workflows)

    Just to clarify on the certificate portion. There is no option to turn off this check is Workflows. The certificate must be valid and cannot be self-signed. It is 100% required. However, Postman will allow you to connect to servers even if the certificate is bad. It will prompt you the first time it occurs and give you an option to disable/enable a setting permanently that allows you to connect to sites with bad certs.

    Expand Post
    Selected as Best

  • TimL.58332 (Workflows)

    @Naga KishoreI.14293 (Customer)​  - Several things standout from your description and screenshot:

     

    Typically when I see a domain:port its an internal/on-prem server. Connections from Workflows to an on-prem solution is not going to be supported.

     

    https://help.okta.com/wf/en-us/content/topics/workflows/workflows-system-limits.htm

     

    Next, Workflows requires the connection to be HTTPS:// which will leverage TLS. The certificate being used cannot be self-signed even as an intermediate. Otherwise Workflows will prevent the connection. This usually results in a timeout on the front-end so it can be awhile before an error is thrown in the UI.

     

    Finally, API connector has "Connections" set on the card. One is assigned automatically when you add the card. You need to ensure the correct connection is set to the card for the endPoint you are trying to communicate with. For example if you were sending your own header Authorization with a Bearer token and you had a connection set for a different service then you would end up sending (2) Authorization headers and the server is likely going to fail with an error.

    Expand Post

  • TimL.58332 (Workflows)

    Just to clarify on the certificate portion. There is no option to turn off this check is Workflows. The certificate must be valid and cannot be self-signed. It is 100% required. However, Postman will allow you to connect to servers even if the certificate is bad. It will prompt you the first time it occurs and give you an option to disable/enable a setting permanently that allows you to connect to sites with bad certs.

    Expand Post
    Selected as Best

  • BrandonB.06003 (Customer)

    Is this API hosted on your network or publicly available? If so, its possibly a firewall issue where your postman is located on VPN which is connected to the same network as your API. Whereas okta workflows is hosted in okta cloud. and in a lot of cases needs to be IP whitelisted by your firewall

This question is closed.
Loading
Error while accessing REST API from OKTA Workflows - client error (Connect)