My company is building a new integration and we typically use Okta via OAuth 2.0 Authorization Grant with PKCE for authentication. I was able to implement this with Zapier; however, I’m running into issues with the PKCE challenge itself. Sometimes it works perfectly and I can log in, but other times it fails.
I generate this challenge only once in the code; however, when I look at the logs, the challenge being used in the initial authorize call does not match the challenge being compared to in the getAccessToken call, which obviously results in a failed authentication. It appears that it’s executing the code that generates the challenge twice and creating a new challenge in between these calls.
I’ve tried to generate the challenge a multitude of ways, from keeping it in the authentication file to moving it into the index file with a closure.
Another thing that I’ve found interesting is that so far I haven’t seen it do this when running tests locally. It only seems to happen on the Zapier UI.
Can anyone explain what could be causing this or suggest a solution?
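
The mismatch described in the post, reproduced as an added example that is not part of the original post and uses no Zapier or Okta API. It assumes the authorize and token steps run in separate invocations that share no module state, and contrasts regenerating the PKCE verifier with persisting it; `makeAuthServer`, `store` and both flow functions are hypothetical names.

```javascript
// Added example: generic Node.js, not Zapier's or Okta's API.
const crypto = require('crypto');

// RFC 7636: the verifier is a random string; challenge = BASE64URL(SHA-256(verifier)).
const newVerifier = () => crypto.randomBytes(32).toString('base64url');
const challengeFor = (verifier) =>
  crypto.createHash('sha256').update(verifier).digest('base64url');

// Minimal in-memory stand-in for the authorization server (hypothetical).
function makeAuthServer() {
  const pending = new Map(); // authorization code -> code_challenge
  return {
    authorize(codeChallenge) {
      const code = crypto.randomBytes(8).toString('hex');
      pending.set(code, codeChallenge);
      return code;
    },
    token(code, codeVerifier) {
      const expected = pending.get(code);
      pending.delete(code); // authorization codes are single use
      if (!expected) return false;
      const a = Buffer.from(challengeFor(codeVerifier));
      const b = Buffer.from(expected);
      return a.length === b.length && crypto.timingSafeEqual(a, b);
    },
  };
}

// Broken: the verifier is created whenever the code is loaded. Each call to
// invocation() models a fresh load (assumption), so the token step sees a new value.
function flowWithModuleScopeVerifier(server) {
  const invocation = () => ({ verifier: newVerifier() });
  const code = server.authorize(challengeFor(invocation().verifier));
  return server.token(code, invocation().verifier);
}

// Fixed: the verifier is created once, stored under the OAuth `state`, and
// read back in the token step. `store` stands in for any storage that
// persists between the two steps (hypothetical).
function flowWithPersistedVerifier(server, store) {
  const state = crypto.randomBytes(16).toString('hex');
  store.set(state, newVerifier());
  const code = server.authorize(challengeFor(store.get(state)));
  const verifier = store.get(state); // second step: load, do not regenerate
  store.delete(state);
  return server.token(code, verifier);
}
```

Tests that run both steps in one local process keep module state alive between them, so they would not exercise the first flow's failure.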