I am using Istio as an ingress gateway and trying to setup okta within a sidecar proxy but keep running into a 'Invalid X-Requested-With header' error. istio holds the self-signed cert to my app https://myapp.com that gateway has mTLS enabled to my service via TCP 7000 which then communicates with a nodejs app using http://www.passportjs.org/packages/passport-okta-oauth/
Front end error to user who has access is: Authentication failed, Failed to obtain access token
Front end error to user who does not have access: Authentication rejected, User is not assigned to the client application
I am using Istio as an ingress gateway and trying to setup okta within a sidecar proxy but keep running into a 'Invalid X-Requested-With header' error. istio holds the self-signed cert to my app https://myapp.com that gateway has mTLS enabled to my service via TCP 7000 which then communicates with a nodejs app using http://www.passportjs.org/packages/passport-okta-oauth/
Okta is setup as follows:
Login redirect: https://myapp.com/api/auth/okta/handler/frame Logout: https://myapp.com/api/auth/okta/logout Initiate Login: https://myapp.com/api/auth/okta/start
App logs: GET https://myapp.com/api/auth/okta/refresh?optional&env=development GET https://myapp.com/api/auth/okta/start?scope=openid%20email%20profile%20offline_access&env=development
App Setup: clientId/clientSecret/audience is set to https://my-domain.oktapreview.com
Front end error to user who has access is: Authentication failed, Failed to obtain access token Front end error to user who does not have access: Authentication rejected, User is not assigned to the client application