This repository was archived by the owner on Nov 18, 2024. It is now read-only.

Guidance on Okta access token fetch #91

@hixichen

Description

Use Case

Would like to use this plugin to configure Okta as a provider for OAuth 2.0.

Describe the Solution You Would Like

Would like to use this plugin to configure Okta OAuth 2.0 with private_key_jwt and client_credentials to obtain an access token.

Describe Alternatives You've Considered

N/A

Additional Context

For Okta, see https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/

The private_key_jwt client authentication method is the only supported method for OAuth service apps that want to get access tokens with Okta scopes.

```shell
# 1. Enable the plugin
vault secrets enable -path=oauth2 oauthapp

# 2. Configure the server
vault write oauth2/servers/okta \
    provider="oidc" \
    token_endpoint="https://your-org.okta.com/oauth2/v1/token" \
    token_endpoint_auth_method="private_key_jwt" \
    client_id="your-client-id" \
    [email protected]

# 3. Configure the client
vault write oauth2/self/okta-m2m \
    server="okta" \
    grant_type="client_credentials" \
    scopes="okta.apps.read" \
    audience="https://your-org.okta.com/oauth2/v1/token"

# 4. Get a token
vault read oauth2/creds/okta-m2m
```


```text
Error writing data to oauth2/self/okta-m2m: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/oauth2/self/okta-m2m
Code: 400. Errors:
* client credentials flow failed: missing client secret in configuration
```
