Okta API getting started error setting cert type | Getting User Apps api call

StackOverflow https://stackoverflow.com/questions/21706850

  •  10-10-2022
  •  | 
  •  

Question

I am trying to get started with the Okta API.

The command I type in cmd is:

curl -v -H "Authorization: SSWS MyAPITokenHERE" \
        -H "Accept: application/json" -H "Content-Type: application/json" \
        -X GET "https://MyDomain.okta.com/api/v1/apps"

*note I formatted with backslashes at the end of line to better read.

The above command is the format according to the API documents.

C:\Users\MyAccount>curl -v -H "Authorization: SSWS MyApiToken" -H "Accept: application/json" -H "Content-Type: application/json" -X
 GET "https://MyDomain.okta.com/api/v1/apps" --cert-type (SSL)

* About to connect() to mydomain.okta.com port 443 (#0)
*   Trying 99.99.999.999...
* connected
* Connected to mydomain.okta.com (99.99.999.999) port 443 (#0)
* error setting certificate verify locations:
  CAfile: /usr/ssl/certs/ca-bundle.crt
  CApath: none
* Closing connection #0
curl: (77) error setting certificate verify locations:
  CAfile: /usr/ssl/certs/ca-bundle.crt
  CApath: none

I have tried setting the certification type to SSL but that did not fix it. I am currently going through documentation and stackoverflow questions but with no luck.

I would appreciate it if someone can explain the reasoning behind this & help me figure out what I need to do? Thank you in advance.

Okta API Documentation https://github.com/okta/api/blob/master/docs/getting_started/design_principles.md

CURL Documentation http://curl.haxx.se/docs/manpage.html

Update I have added the optional parameter [-k] to suppress the SSL check but still would like to know what the problem could is

curl -v -H "Authorization: SSWS MyAPITokenHERE" \
        -H "Accept: application/json" -H "Content-Type: application/json" \
        -X GET "https://MyDomain.okta.com/api/v1/apps" -k
Was it helpful?

Solution

Also add the -k parameter with your curl command to overcome this ssl error by ignoring the ssl verification.

OTHER TIPS

Curl needs to know/trust the certificate used to sign the certificate from Okta. As you are using curl, this certificate should be in the file /usr/ssl/certs/ca-bundle.crt (and this file needs to be readable by the user which is running the curl command). You can download a current copy of the bundle (which includes the cert you need) from the Curl Cert Authority Bundle webpage.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top