Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

idx.authenticate throws error at end of authentication #1554

Open
cgstaber opened this issue Dec 21, 2024 · 0 comments
Open

idx.authenticate throws error at end of authentication #1554

cgstaber opened this issue Dec 21, 2024 · 0 comments
Labels

Comments

@cgstaber
Copy link

Describe the bug

Today in Production we use the okta-hosted widget. We have hundreds of individual apps that redirect to it for user authentication. We need to be able to more fully customize the sign in experience so we're trying to use the SDK.

In watching the Network traffic, at the end of signing in with the okta-hosted widget, the response from challenge/answer includes a redirect URL where the browser gets redirected to Okta where the session is established and then redirected back to the original app the user wanted to sign in to using the redirect_url it provided to the sign in widget with a "code" query param attached which the app uses to get the actual tokens. This is the behavior I'm trying to reproduce with the auth-sdk.

What I'm seeing is at the end, challenge/answer doesn't contain a redirect but a successWithInteractionCode object. I also see a console error the SDK threw in the browser at the end:
OAuthError: Client authentication failed. Either the client or the client credentials are invalid.

Reproduction Steps?

Because we're on Identity Engine and all the docs pointed me to using IDX, that is my current setup:

import { OktaAuth } from "@okta/okta-auth-js";

const config = {
issuer: https://churchofjesuschrist.oktapreview.com/oauth2/default,
clientId: queryParams.client_id,
redirectUri: queryParams.redirect_uri,
pkce: true,
responseType: "code",
codeChallenge: queryParams.code_challenge,
codeChallengeMethod: queryParams.code_challenge_method,
scopes: queryParams?.scope?.split(" "),
};

const authClient = new OktaAuth(config);

const res0 = await authClient.idx.authenticate();
console.log("res0", res0);

const res1 = await authClient.idx.proceed({ username: "username-here" });
console.log("res1", res1);

const res2 = await authClient.idx.proceed({authenticator: "okta_password"});
console.log("res2", res2);

const res3 = await authClient.idx.proceed({credentials: { passcode: "password-here" }});
console.log("res3", res3);

SDK Versions

Latest

Additional Information?

I imagine there’s some specific config I need in the beginning to get the SDK to return a redirect URL at the end of a completed sign in – but I can’t figure out what that config should be.

@cgstaber cgstaber added the bug label Dec 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant