Commit 03cbc19

review change
1 parent 62da390 commit 03cbc19

1 file changed

+1
-3
lines changed

_source/_posts/2023-07-28-oidc_workshop.md

@@ -519,9 +519,7 @@ Open the model for `Org`, press the green **Add record** button, and press the g
519519

520520
1. **Domain** - Enter the domain name of this organization. It should match the domain name of the email address they'll use. For example, if your customer's organization domain is `whiterabbit.fake`, the domain record is "whiterabbit.fake". Since we are testing with made-up customers, use the email domain you used when you signed up for the Okta Developer Edition organization.
521521
1. **Client ID** and **Client Secret** - Fill out the `client_id` and `client_secret` for the org with ID 1, using the values from Okta.
522-
2. **Issuer** - In the "Security" section of the sidebar in the Okta Admin Console, navigate to **API**. This page lists the Issuer URI for the Okta organization, which goes into the app's database for that org as its `issuer`.
523-
3. **Authorization endpoint** and **Token endpoint** - On the same page in the Okta Admin console as the issuer, click the name of the default authorization server, find the **Metadata URI**. This URI will be of the form `your-dev-account-id.okta.com/.well-known/oauth-authorization-server`. Click on the URI to open it in the browser where you will see data in JSON format. From this authorization server metadata, copy the `authorization_endpoint` to the `authorization_endpoint` field in your app's database. Copy the `token_endpoint` to the corresponding field in the database as well.
524-
4. **Userinfo endpoint** - To find the `userinfo_endpoint`, replace the string `oauth-authorization-server` in the metadata URL with `openid-configuration`, and copy the `userinfo_endpoint` from the resulting page to the database.
522+
2. **Issuer**, **Authorization endpoint**, and **Token endpoint** - Visit your Okta org authorization server **Metadata URI** directly through the browser by visiting this URL `https://{yourOktaOrg}/.well-known/openid-configuration`be sure to add your specific Okta org URL. For more information, refer to this documentation on the [Okta org authorization server](https://developer.okta.com/docs/concepts/auth-servers/#org-authorization-server). From this authorization server metadata, copy the `issuer` to the `issuer` field, then the `authorization_endpoint` to the `authorization_endpoint` field in your app's database, and finally the `token_endpoint` to the corresponding field in the database as well.
525523

526524
After this step, your database should contain the `client_id` and `client_secret` unique to the OIDC app that you made in Okta. All endpoint fields will start with the Okta organization's domain.
527525
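Review bot: The new item 2 drops the userinfo endpoint. The removed item 4 had the reader copy `userinfo_endpoint` into the database, and the context line after the hunk still says "All endpoint fields will start with the Okta organization's domain", so that field is now left without instructions. The new URL already points at `openid-configuration`, which the removed text named as the place to find `userinfo_endpoint`, so add it to the bold label and to the list of values to copy. On the same added line, the text runs together after the URL ("`.../.well-known/openid-configuration`be sure to add"); end the sentence after the URL and start a new one, for example "Be sure to substitute your own Okta org URL." The source of the values also changes: the removed steps read them from the default authorization server's `oauth-authorization-server` metadata, while the added step reads them from the org authorization server. The one-line commit message "review change" does not explain that switch, so a sentence in the post or the commit message confirming that the `issuer` copied here is the one the workshop app expects would help readers who followed the earlier version.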
