Hello,
I have downloaded the below GitHub sample code for testing PKCE, and created an application in Okta with a client ID, client auth set to None, and the PKCE option selected as “Required PKCE as additional verification”.
How can I get the authorization code and exchange the code for tokens?
The Authorize request should be made in the browser, because the user needs to complete primary authentication and get an Okta session to get a token back. If you make the authorize call that way, can you get the auth code (sent back to the redirect_uri)?
Thank you so much for your response. I did the Auth RQ through the browser using redirect_uri. Now I am able to get the auth code in the browser. And using this auth code I am able to get the access_token using code_verifier.
How can I get the user role from an authenticated user? I’m using nextauth for that and I’m getting the JWT successfully, but no user role is available. Or should I request an API for that using the user ID? Which one? What API token should I use?