Open ValentinOUI opened 1 year ago
Thank you for reaching out @ValentinOUI. The SDK uses the supplied discovery URL to retrieve the OIDC configuration for your authorization server before initiating login. You can validate settings are correct by appending /.well-known/openid-configuration
to your discovery URL to check those values for yourself.
Alternatively, you could try removing the "issuer" parameter, and just supply the "discoveryUri".
Hello @mikenachbaur-okta and thank you for your answer.
Thanks for the /.well-known/openid-configuration
, I manage to get it working via Postman as well as the authorize endpoint, by setting everything correctly including the authorization server id.
But when I try with the SDK, the requested URL still looks like /oauth2/v1/authorize?
despite appending the auth server id in my discovery URI and removing the issuer in my parameters.
Describe the bug?
Hi.
I am using a Custom Authorization Server as described here, so according to the doc the authorization URL needs to look like this
https://${yourOktaDomain}/oauth2/${authorizationServerId}/v1/authorize
However, after trying different combinations between the
issuer
and thediscoveryUri
, the authorize URL remains/oauth2/v1/authorize?scope=custom_scope&response_type=...
What is the correct way to add an authorization server id in the authorize endpoint?
Many thanks for the help
What is expected to happen?
Add a field to the configuration to add a custom authorization server id, or do not remove it from the discovery URI when we try to set it.
What is the actual behavior?
I have an error with "illegal_custom_scope".
Reproduction Steps?
1. Configure Okta
with correctly setting the issuer and discovery uri according the documentation. In my case both the issuer issuer and discovery URI look like
https://{myOktaDomain}/oauth2/${authorizationServerId}
2. Try sign in with browser
await signInWithBrowser();
Additional Information?
No response
SDK Version
Latest
Build Information
No response