I'm trying to authenticate a user using the "authn" API:
    POST MYACCOUNT.oktapreview.com/api/v1/authn
    {
      "username": "[email protected]",
      "password": "Password123"
    }
But this always returns:
    {
      "errorCode": "E0000005",
      "errorSummary": "Invalid session",
      "errorLink": "E0000005",
      "errorId": "oael83e1QQxSNuHOlE0VkqBuA",
      "errorCauses": []
    }
Any idea why this happens?
When I create the session, I just get a 403 - Forbidden error.
The sessions API works, but I want to use the authn API for a customized login experience.
Thanks for your help.
Okta uses a cookie-based authentication mechanism to maintain a user's authentication Session across web requests. The Okta Sessions API provides operations to create and manage authentication Sessions for users in your Okta organization.
After a session token is obtained, it can be passed into the OpenID Connect authorize endpoint to get an Okta session cookie. Executing this flow sets a cookie in the end user's browser and then redirects them back to the redirect_uri that is passed into the request.
The issue was because of the Authorization header in the Okta request.
The Authorization header should be 'Authorization: SSWS API_TOKEN'. Instead, I was just sending 'Authorization: API_TOKEN'.
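The fix described in the answer above, as an added example that is not code from the original post: it builds the authn request with the SSWS scheme in the Authorization header and flags a bare token before the request is sent. The function names, the example.oktapreview.com host and the placeholder credentials are assumptions made for illustration.

```python
import json
import urllib.request

OKTA_SCHEME = "SSWS"  # scheme named in the answer above


def diagnose_authorization(value):
    """Classify an Authorization header value for an Okta API-token call."""
    parts = value.strip().split()
    if len(parts) == 1:
        return "missing-scheme"      # bare token, the mistake described above
    if len(parts) == 2 and parts[0] == OKTA_SCHEME:
        return "ok"
    return "wrong-scheme"            # e.g. "Bearer <token>" or extra fields


def build_authn_request(org_url, username, password, api_token):
    """Build (not send) POST /api/v1/authn with a well-formed SSWS header."""
    header = f"{OKTA_SCHEME} {api_token.strip()}"
    if diagnose_authorization(header) != "ok":
        raise ValueError("API token must be a single non-empty string")
    body = json.dumps({"username": username, "password": password}).encode()
    return urllib.request.Request(
        url=org_url.rstrip("/") + "/api/v1/authn",
        data=body,
        method="POST",
        headers={
            "Accept": "application/json",
            "Content-Type": "application/json",
            "Authorization": header,
        },
    )


def redact(header_value):
    """Keep the scheme, hide the secret, so the header is safe to log."""
    parts = header_value.split()
    return f"{parts[0]} <redacted>" if len(parts) == 2 else "<redacted>"


if __name__ == "__main__":
    # Constructed placeholder values (hypothetical host, not real credentials).
    req = build_authn_request("https://example.oktapreview.com",
                              "user@example.com", "placeholder-password",
                              "PLACEHOLDER_API_TOKEN")
    print(req.get_method(), req.full_url)
    print("Authorization:", redact(req.get_header("Authorization")))
    print(diagnose_authorization("PLACEHOLDER_API_TOKEN"))  # missing-scheme
```

Running the diagnosis on outgoing headers in a test or a request wrapper catches the missing scheme locally, and logging only the redacted form keeps the API token out of application logs.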