Closed Deconstrained closed 3 years ago
Heya, thanks for approving and sorry for the late response (same, re: notification)
No concern of backwards compatibility; Okta's OAuth2 API doesn't have any sort of versioning.
Tip of the hat to @Jonathan-Arias for helping me figure this one out
Inconsistencies have been discovered between Okta's API and the OAuth2 implementation in this library that affect its ability to successfully get all the way through the authorization flow.
These issues, which are addressed in this change set, are as follows:
params
) and in the basic authorization header; Okta will issue a 403 in response to this.oauth2
does not by default support the JSON mimetype, the JSON string containing the token is treated as the token itself, which results in a 401 when making the final request to authenticate the user back to Okta.