Closed victorclee closed 4 years ago
I'm having what seems like the same issue. How did this get resolved for you victorclee?
All I see in the rails log is
omniauth: (okta) Callback phase initiated.
Then ...
omniauth: (okta) Authentication failure! invalid_credentials: OAuth2::Error
The user event logs on the Okta site show all the events as success.
Any helps is greatly appreciated!
It turns out, we were not using the correct authorize_url and token_url endpoints. The omniauth-okta docs show to use
'https://your-org.okta.com/oauth2/
https://${yourOktaOrg}/.well-known/oauth-authorization-server
It didn't include anything for the authorization_server, simply /oauth2/v1/authorize. Once we used that instead for our endpoints, we were able to gather the correct Okta user credentials after login.
Hi team,
Need some insight/help from you. (Long post ahead)
I'm in the process of integrating Okta into our app, which currently uses Clearance as an authentication tool. Our goal is to integrate Okta as a second sign in option.
We run a Ruby on Rails app, and are using omniauth and omniauth-okta gems in development.
Here's our Omniauth Builder code snippet:
Routes:
Sessions controller:
Currently, I can successfully reach the login page hosted by Okta, but once I entered my username and password, I consistently reach the same error of the following screenshot
Terminal ouput:
Since I got an error saying invalid credentials, naturally, I double- and triple-checked my Okta client ID, Okta client secret, login username and password, even when they are correct, I'm still getting the same error over and over.
I reached out to Okta Support, provided them a HAR network trace file, and got the following response: "There is a 500 on the callback route of the application. I don't see any errors at okta end. This could be an issue at the callback route handling the response from okta. Unfortunately, onmiauth-okta is not maintained by Okta, you might have to file an issue in their github if we are unable to figure out."
So here I am, looking for help. Any insight would be greatly appreciated. Thanks, team!