okta / okta-sdk-dotnet

A .NET SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.

Call Introspect API with Okta SDK Client returning Bad Request #561

Closed philip-young closed 2 years ago

philip-young commented 2 years ago

Describe the bug?

I am trying to call the /v1/introspect API on the Okta Org Server to validate an access token. I wasn't able to find a method in the SDK to do this so I followed the documentation in the readme to call other API Endpoints. The /introspect endpoint is a POST call, same as the example given in the readme, but when I try to call it, I am getting back 400 Bad Request with the reason "Bad request. Accept and/or Content-Type headers likely do not match supported values. (400, E0000021)"

Is there something I'm doing wrong? One thing I can think of is the Client Id that I used to sign in the User with is different than the one for my backend service that is validating, would that be an issue?

```csharp
var oktaTokenValidationResult = await oktaClient.PostAsync<Resource>(new Okta.Sdk.HttpRequest
{
    Uri = "/oauth2/v1/introspect",
    QueryParameters = new Dictionary<string, object>()
    {
        ["token"] = accessToken,
        ["token_type_hint"] = "access_token"
    }
});
```

I have been successful in making this call in Postman, but I noticed that I needed to set the Content-Type to 'application/x-www-form-urlencoded'. When I try to add this to the HttpRequest in .NET, the Okta endpoint errors and says 'ContentType of specified HttpRequest should be (application/json) but is (application/x-www-form-urlencoded)'. I have also added an Accept Header with 'application/json' without success.

On the Postman call, I did also have to add the ClientId to the query string as per the documentation because in Postman I am not making an authenticated call. I am assuming the Okta SDK adds the necessary authentication to the call.

What is expected to happen?

The Introspect returns a valid result.

What is the actual behavior?

400 Bad Request with the reason "Bad request. Accept and/or Content-Type headers likely do not match supported values. (400, E0000021)"

Reproduction Steps?

Additional Information?

No response

.NET Version

Welcome to .NET 6.0!

SDK Version: 6.0.301

SDK Version

5.6.0

OS version

No response

bryanapellanes-okta commented 2 years ago

@philip-young Thanks for reaching out! I believe the use of different client Ids is possibly the cause; try using the same client Id for authentication and validation to see if you get different results. If you see no change, please provide a full sample that reproduces the issue and we can diagnose from there.

laura-rodriguez commented 2 years ago

Closing due to inactivity. Please feel free to reopen if this is still an issue.
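
The introspection request discussed in this thread, sent as a form-encoded POST with plain `HttpClient` instead of the SDK client. This is an added example, not code from the issue or from the Okta SDK. The class and method names are hypothetical, and it assumes a public client identified by `client_id` in the form body (a confidential client would authenticate with its secret instead).

```csharp
// Added example, not Okta SDK code. TokenIntrospection and IsTokenActiveAsync are hypothetical names.
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text.Json;
using System.Threading.Tasks;

public static class TokenIntrospection
{
    // Reuse one HttpClient for the lifetime of the process.
    private static readonly HttpClient Http = new HttpClient { Timeout = TimeSpan.FromSeconds(10) };

    // Returns true only when the server answers 2xx with "active": true.
    // Any other outcome (error status, malformed JSON, missing field) is treated as invalid.
    public static async Task<bool> IsTokenActiveAsync(
        string oktaDomain, string clientId, string accessToken)
    {
        // oktaDomain is a placeholder such as "https://example.okta.com" (constructed value).
        using var request = new HttpRequestMessage(
            HttpMethod.Post, $"{oktaDomain.TrimEnd('/')}/oauth2/v1/introspect");
        request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

        // FormUrlEncodedContent sets Content-Type: application/x-www-form-urlencoded
        // and keeps the token in the body, so it does not end up in URL access logs.
        request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["token"] = accessToken,
            ["token_type_hint"] = "access_token",
            ["client_id"] = clientId // assumption: public client without a secret
        });

        using var response = await Http.SendAsync(request);
        if (!response.IsSuccessStatusCode) return false; // fail closed on 4xx/5xx

        try
        {
            using var doc = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
            return doc.RootElement.TryGetProperty("active", out var active)
                && active.ValueKind == JsonValueKind.True;
        }
        catch (JsonException)
        {
            return false; // an unparseable body is never a valid token
        }
    }
}
```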