Asp .net core, Swagger and OAuth2


I have defined an application in okta, which its “Client authentication” is “Use PKCE”.

I have defined this “SecurityDefinition” in swagger of my core app :

 options.AddSecurityDefinition("OAuth2", new OpenApiSecurityScheme
            Type = SecuritySchemeType.OAuth2,

            Flows = new OpenApiOAuthFlows
                AuthorizationCode = new OpenApiOAuthFlow
                    AuthorizationUrl = new Uri(""),
                    TokenUrl = new Uri(""),
                    Scopes = new Dictionary<string, string>
                        { "openid", "desc" }, { "profile", "desc" }, { "email", "desc" }
            Description = "Balea Server OpenId Security Scheme"

  app.UseSwaggerUI(options =>
            options.RoutePrefix = "docs";

When I open swagger and enter clientid in (I clear client secret), and click “Authorize” I get this error :


is the code challenge correctly included in the request?
the code_challenge and code_challenge_method parameters need to be passed if the PKCE extension is used and the browser developer tools will show if these are indeed included and correctly set

No code_challenge nor code_challenge_method is passed to request.

Please see this Okta for .net and configure swagger to use Implicit returns different issuer