Advice needed: How to let anonymous Apps create jwt for users

I am building a spring boot backend. My backend application is used to store user data, lets say recipes and groceries. Currently I have two frontends, one web application and one spa application. Both work like a charm.

Now I want to open one part of my API to third-party apps, so these apps can access the grocery list of a logged in user. For this I allow authentication with the Bearer -jwt- header.

Is there a way how these third-party apps can get a jwt without having to register an additional application in okta? Hence the anonymous part of my question.