Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Listing grants for app using a private key client is failing with invalid session #316

Open
timoreize opened this issue Jul 5, 2022 · 3 comments
Open

Listing grants for app using a private key client is failing with invalid session #316

timoreize opened this issue Jul 5, 2022 · 3 comments
Labels
bug Something isn't working no-stalebot

Comments

@timoreize
Copy link

Describe the bug?

I'm creating a client with the following values:

okta.WithOrgUrl(tenantOktaDomain),
		okta.WithAuthorizationMode("PrivateKey"),
		okta.WithClientId(tenantApplicationClientID),
		okta.WithScopes(scopes),
		okta.WithPrivateKey(privateKey),

And when I call client.Application.ListScopeConsentGrants(ctx, appID, nil) I receive the Invalid Session error.

When I Create the client with SSWS token:

okta.WithOrgUrl(tenantOktaDomain),
		okta.WithScopes(scopes),
		okta.WithAuthorizationMode("SSWS"),
		okta.WithToken(token),

I get the grants as expected.

What is expected to happen?

Receive a non-error response with the grants for an application

What is the actual behavior?

Receiving an Invalid Session error.

Reproduction Steps?

As mentioned above.

Additional Information?

No response

Golang Version

1.18.3

SDK Version

2.13.0

OS version

PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
@timoreize timoreize added the bug Something isn't working label Jul 5, 2022
@github-actions
Copy link

This issue has been marked stale because there has been no activity within the last 14 days. To keep this issue active, remove the stale label.

@github-actions github-actions bot added the stale label Jul 20, 2022
@monde monde removed the stale label Aug 7, 2022
@github-actions
Copy link

This issue has been marked stale because there has been no activity within the last 14 days. To keep this issue active, remove the stale label.

@github-actions github-actions bot added the stale label Aug 22, 2022
@monde monde added no-stalebot and removed stale labels Aug 30, 2022
@monde
Copy link
Collaborator

monde commented Aug 30, 2022

@timoreize apologies for a slow reply. Did you work through this issue? If you are using an oauth token via privatekey I wonder if that token has the proper scopes assigned to it for a GET /api/v1/apps/{appId}/grants that the SDK is calling in ListScopeConsentGrants. I believe the required scope would be okta.apps.read. https://developer.okta.com/docs/reference/api/apps/#list-scope-consent-grants-for-application

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working no-stalebot
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@monde @timoreize