Hello,
I have an existing set of code which I use for one customer that uses auth0 /Okta.
Which works fine (so i assume the code is correct).
But now i have another customer that uses Okta, I get to the login page, and can login, which according to the system_log is valid.
But the only response in the browser is a super generic “400 Bad Request”.
Is there any way to find out what the actual error is?
I’ve been going around with this for over 4 hours now, it’s driving me insane that I cannot find any more info on the error or get it fixed, I checked the urls, even created a new application in the client’s Okta account to test.
If it helps (personal data replaced by XXXX), this is the url I start the login on
https://dev-XXXX.okta.com/login/login.htm?fromURI=%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26client_id%XXXX%26redirect_uri%3Dhttps%3A%2F%2XXXX%2Fcallback%26scope%3Dopenid%2Bprofile%26response_mode%3Dquery%26state%3DpnqqLAoaiXMi%26nonce%3DpnqqLAoaiXMi
And then this is the url where I end up after the login, which shows the error
https://dev-XXXX.okta.com/oauth2/authorize?response_type=code&client_id=XXXX&redirect_uri=https://XXXX/callback&scope=openid+profile&response_mode=query&state=SS9YMo2YfrI0&nonce=SS9YMo2YfrI0
Any info or tips whatsoever is appreciated greatly
Hi @eelcodev67,
Welcome to the Auth0 Community!
Usually, with these errors, we recommend checking your system logs to determine why the request was unsuccessful or other useful information. You could also check your network activity to verify the requests being sent contain the correct query parameters.
If you continue encountering issues, you can visit the Okta Help Center to find additional resources.
Here is a related Okta question that might help you with this.
Let me know if you have any further questions.
Thanks,
Rueben
In the end it turned out the wrong callback url was being used, the login has thankully been fixed.
Unfortunately the logout is now giving a similar 400 issue, I tried passing different things as the id_token_hint, hoping that was the problem, but no luck yet.
Anyone have any ideas?
I tried the entire token I got through the default/v1/token call
aswell as the response’s user claim type ‘sub’.
https://dev-XXXX.okta.com/oauth2/default/v1/logout?post_logout_redirect_uri=[LOGOUT_CALLBACK_URL]&id_token_hint=[HINTVALUE]
Just to add to this conversation, all problems have now thankfully finally been solved.
Maybe I just was not paying attention or missed a part of the documentation.
But perhaps someone else could use this info also.
The response from the call to default/v1/token
contained the id_token which was needed to call the logout callback?id_hint_token with
