/// <summary> /// Requests an access token /// </summary> /// <returns>The access token.</returns> private async Task <string> RequestAccessTokenAsync() { _logger.LogTrace("Generate a signed JWT."); var jwtSecurityToken = _jwtGenerator.GenerateSignedJWT(); var accessTokenUri = $@"oauth2/v1/token?grant_type=client_credentials&scope={string.Join("+", Configuration.Scopes)}&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion={jwtSecurityToken.ToString()}"; _logger.LogTrace("Request an access token."); var request = new HttpRequestMessage(HttpMethod.Post, accessTokenUri) { Content = new FormUrlEncodedContent(new Dictionary <string, string>()) }; using (var response = await _httpClient.SendAsync(request).ConfigureAwait(false)) { if (response == null || response.Content == null) { throw new InvalidOperationException("The access token response from the server was null."); } var responseContent = await response.Content.ReadAsStringAsync().ConfigureAwait(false); var data = new DefaultSerializer().Deserialize(responseContent); if ((int)response.StatusCode < 200 || (int)response.StatusCode >= 300) { throw new OktaOAuthException((int)response.StatusCode, _resourceFactory.CreateNew <OAuthApiError>(data)); } if (!data.ContainsKey("access_token")) { throw new MissingFieldException("Access token not found"); } return(data["access_token"].ToString()); } }