invalid_scope 'Custom scopes are not allowed for this request.' okta 1

invalid_scope ‘Custom scopes are not allowed for this request.’ okta

    # define allowed scoped ( https://developer.okta.com/docs/guides/implement-oauth-for-okta/define-allowed-scopes/)
    # to list the avilable scopes use:
    curl -X POST \
    -H 'Accept: application/json' \
    -H "Authorization: SSWS ${api_token}" \
    -H 'Content-Type: application/json' \
    -d '{
          "scopeId": "okta.users.read",
          "issuer": "https://{yourOktaDomain}"
    }' "https://${yourOktaDomain}/api/v1/apps/client_id/grants"

Here is what the above code is Doing:
1. Create a new OAuth 2.0 client application
2. Create a new OAuth 2.0 authorization server
3. Create a new OAuth 2.0 policy
4. Create a new OAuth 2.0 scope

Similar Posts