We are configuring an enterprise connection for a customer using Okta. Have followed the directions here
When we “Try” the connection, we see the customer’s Okta login page and we see that our own login page correctly goes to SSO-Enabled when we enter an email with the customer’s domain.
However, when the customer tries to login, they receive the following access denied error: “the resource owner or authorization server denied the request”
I have looked at the solution described here:
But when I examine the authorization endpoint in the auth0 connection metadata, it already appears to be in the correct format: "authorization_endpoint": "https://<customer_domain>.okta.com/oauth2/v1/authorize".
Are there any other reasons the customer could be seeing this error? We have double checked the client ID and secret values in the Auth0 Enterprise Connection. We also recently configured an Okta Workplace Enterprise Connection for another customer and did not encounter this issue.