I’m attempting to set up an authentication flow using Authorization Code w/ PKCE flow on an app that cannot safely store the Client Secret.
The Okta app configuration is set to Web, and I am getting the error
Client authentication failed. Either the client or the client credentials are invalid upon making a request with the authorization code. Do Web apps not support Authorization Code w/ PKCE without providing a Client Secret?