I am building a spring boot backend. My backend application is used to store user data, lets say recipes and groceries. Currently I have two frontends, one web application and one spa application. Both work like a charm.
Now I want to open one part of my API to third-party apps, so these apps can access the grocery list of a logged in user. For this I allow authentication with the Bearer -jwt- header.
Is there a way how these third-party apps can get a jwt without having to register an additional application in okta? Hence the anonymous part of my question.