Okta: Fetching Access Token via JavaScript

I’ve been struggling to really understand the Okta docs regarding this but basically im trying to fetch an Okta Access Token via their API using Vanilla JS.

I am using the following JS SDK to simplify things:

this is my code:

let oktaConfig = {
  issuer: 'https://{OKTA_DOMAIN}/oauth2/default/v1/token',
  clientId: "CLIENT_ID",
  tokenManager: {
    storage: 'sessionStorage'

const oktaAuth = new OktaAuth(oktaConfig)

  username: "USER", 
  password: "PASSWORD"
}).then(function(data) {

  let token = data.data.stateToken

From the request I retrieve a "stateToken" however how am I able to then retrieve a Access Token?


23 thoughts on “Okta: Fetching Access Token via JavaScript”

  1. It turns out that the account had been setup with MFA enabled and therefore I was only getting the "stateToken". By disabling MFA on the account I receive a "sessionToken" which can be parsed into the /authorize endpoint to retrieve the Access Token


Leave a Comment