Okta auth integration not working #2151

New Issue

Closed

opened 2026-02-05 03:06:53 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-05 03:06:53 +03:00

Owner

Copy Link

Originally created by @z0mbix on GitHub (Mar 10, 2021).

Describe the issue
Bookstack is redirecting to a custom Okta auth server instead if the org auth server.

On login, I get redirected to https://xxxx.okta.com/oauth2/default/v1/authorize but this is the default custom auth server and only available when you have the "API Access Management" additional paid Okta feature.

Because of this Okta returns a 400 error with this page:

Steps To Reproduce
Follow the doc: https://www.bookstackapp.com/docs/admin/third-party-auth/#okta

Create Okta app as described in the above doc, then set the following env vars:

OKTA_APP_SECRET=xxx
OKTA_APP_ID=xxx
OKTA_BASE_URL=https://xxxx.okta.com

Expected behavior
I would expect bookstack to redirect to the standard auth server:

https://xxxx.okta.com/oauth2/v1/authorize

instead of:

https://xxxx.okta.com/oauth2/default/v1/authorize

Your Configuration (please complete the following information):

• Exact BookStack Version (Found in settings): 0.31.4
• PHP Version: 7.4.14
• Hosting Method (Nginx/Apache/Docker): Docker (solidnerd/bookstack)

Additional context
https://support.okta.com/help/s/article/400-error-on-authentication-to-Okta-using-OIDC?language=en_US

I have looked at the socialite code and AFACT, should default to using the org auth server:

https://github.com/SocialiteProviders/Okta/blob/master/Provider.php

They even mention about using a custom auth server in the docs:

https://socialiteproviders.com/Okta/#custom-auth-server

Originally created by @z0mbix on GitHub (Mar 10, 2021). **Describe the issue** Bookstack is redirecting to a custom Okta auth server instead if the org auth server. On login, I get redirected to https://xxxx.okta.com/oauth2/default/v1/authorize but this is the default custom auth server and only available when you have the "API Access Management" additional paid Okta feature. Because of this Okta returns a `400` error with this page: <img width="828" alt="Screenshot 2021-03-10 at 12 27 27" src="https://user-images.githubusercontent.com/221251/110629544-2b85c380-819c-11eb-971d-44e390900027.png"> **Steps To Reproduce** Follow the doc: https://www.bookstackapp.com/docs/admin/third-party-auth/#okta Create Okta app as described in the above doc, then set the following env vars: ``` OKTA_APP_SECRET=xxx OKTA_APP_ID=xxx OKTA_BASE_URL=https://xxxx.okta.com ``` **Expected behavior** I would expect bookstack to redirect to the standard auth server: ``` https://xxxx.okta.com/oauth2/v1/authorize ``` instead of: ``` https://xxxx.okta.com/oauth2/default/v1/authorize ``` **Your Configuration (please complete the following information):** - Exact BookStack Version (Found in settings): `0.31.4` - PHP Version: `7.4.14` - Hosting Method (Nginx/Apache/Docker): Docker (`solidnerd/bookstack`) **Additional context** https://support.okta.com/help/s/article/400-error-on-authentication-to-Okta-using-OIDC?language=en_US I have looked at the socialite code and AFACT, should default to using the org auth server: https://github.com/SocialiteProviders/Okta/blob/master/Provider.php They even mention about using a custom auth server in the docs: https://socialiteproviders.com/Okta/#custom-auth-server

OVERLORD closed this issue 2026-02-05 03:06:55 +03:00

OVERLORD commented 2026-02-05 03:07:10 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Mar 10, 2021):

Hi @z0mbix,
Sorry you're running into issues here.

Looks like this was something that was addressed upstream: https://github.com/SocialiteProviders/Providers/pull/615
As far as I can tell, we're using the patched version in the latest version of BookStack. Looking through our releases, this should be fixed from BookStack v0.31.5.

@ssddanbrown commented on GitHub (Mar 10, 2021): Hi @z0mbix, Sorry you're running into issues here. Looks like this was something that was addressed upstream: https://github.com/SocialiteProviders/Providers/pull/615 As far as I can tell, we're using the patched version in the latest version of BookStack. Looking through our releases, this should be fixed from BookStack v0.31.5.

OVERLORD commented 2026-02-05 03:07:13 +03:00

Author

Owner

Copy Link

@z0mbix commented on GitHub (Mar 12, 2021):

Excellent, I’ve upgraded and it’s working as expected now. Thanks!

@z0mbix commented on GitHub (Mar 12, 2021): Excellent, I’ve upgraded and it’s working as expected now. Thanks!

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

further_theme_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#2151