Error validating access token wordpress
In my previous post we setup a basic o Auth connection between our plugin and Google.
Within a post, you could log into Google and get info about a You Tube video to import into your post.
If you are building a modern app or API, you likely want to know if your end-user is authenticated.
This is important to give context or to protect APIs from unauthenticated users.
ID Tokens, on the other hand, are intended for authentication.
They provide information about the resource owner, to allow you verify that they are who they say they are. Because of this, when a client makes an authentication request, the ID Token that is returned contains the The JSON Web Keys (JWK) need to be retrieved from your Okta Authorization Server, though your application should have them cached.
As mentioned above, it is important that the resource server (your server-side application) accept only the access token from a client.
This is because access tokens are intended for authorizing access to a resource.
The issue doesnt happen for users with sysadmin privileges as they dont need to authenticate through in the same way.They are signed using private JSON Web Keys (JWK), the specification for which you can find here: https://org/html/rfc7517.More information about Okta’s access tokens can be found here: https://com/standards/OAuth/index.html#access-token.Unfortunately, this means that every time you want to do anything with You Tube you have to log in again.What if you want to schedule some task with You Tube? In the use case I described in the previous post, the PBS News Hour staff needed to be able to schedule an automated nightly change to ‘private’ status for certain You Tube videos, so they had to have a means for persistent login.