Setup okta auth server and custom scope - Authorization end point and token end point in Okta Authorization server

Okta is a trusted platform to secure every identity, it provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, website web services and devices.

In this post we will setup an environment -

  1. create custom scope, 
  2. create a web application and 
  3. configure authentication server.

Follow below steps

  1. Signup and create an account with Okta developer

  2. Once you've registered, navigate to Security then click API in the side menu. On that page,
    you'll see a list of your authorization servers. There should be only one, called "default".

  3. Copy the Issuer URI from that list, that is the identifier of your OAuth server.

  4. Next, we need to create a scope that the application can request from your API. Click on the name default to view the details of your OAuth server. Then click on the Scopes
    tab at the top.
    • Click on Add Scope, and enter the name of the scope in the first field and Make sure to also click the “Include in public metadata” checkbox at the bottom as well.
  5. Once Scope is created, now create an application. From the side menu of your Okta Developer dashboard, click on Applications and choose Applications. Click Create App Integration, then in the popup dialog choose OpenID Connect as the sign-on method and Web Application as the application type.
    On the next screen, we'll need to add a Sign-in redirect URL. This is where the OAuth server will
    send the user back to after they log in. You can leave the rest of the settings at their defaults. Click Save to finish creating the app.

Find the server’s authorization endpoint and token endpoint

  • Choose your default server and click the Settings tab.
  • One of the fields visible is your server’s Metadata URI, it’s actually based
    off of your server’s Issuer URI. That is described in the OAuth Server Metadata extension.

  •  If you click on that link, you’ll see that it’s actually a JSON file with a bunch of properties
    that describe the server.



  1. Now the lesson i am trying to drive is not uncommon thinking for finding solution, but a methodical approach and substantial analysis safehorizon org
    Well, again i wish to clarify that these software products still work on the same solid analysis and systematic course of action for meticulous implementation. serve gov

  2. Was a puzzle ever too hard, or a parkour jump to far?Best Minecraft Servers

  3. ทํานายฝัน แบบไหน เล่นสล็อต แล้วปัง วันนี้เรามาดูกันว่า ฝันแบบไหนสื่อถึงอะไร แล้วฝันแบบไหนเกี่ยวกับดวงกับโชคเพื่อจะได้มาเล่น pg slot ของเราจะได้แตกดีเผื่อจะเป็นทางในการเสริมความมั่นใจ

  4. รีวิว bozz777 ครับ ผมเป็น AI ที่ถูกสร้างขึ้นเพื่อช่วยให้คุณได้รับความช่วยเหลือและคำแนะนำในการเขียนบทความภาษาไทย PG SLOT

Previous Post Next Post