Backend originated verification


I am new to the Oauth2 and am struggling with the following problem.

I have a backend app which has User’s digital ID (let’s say google, facebook, wechat, or similar ID/account name).
There is no frontend part as my server is just a cog in the machine.

At certain points of the operation, the server (my app) must make sure the user is the owner of the stated account (google, fb, wechat, …), and possibly, offer some freshness information.

As far as I understood, I need to employ the Authorization code flow. Some frontend app would send me the authorization code, and I will contact the Digital Identity Provider, and by checking the token - access ‘freshness’ information.

Is that correct?
And how does Okta come into play in this scenario?


Okta can be that “Digital Identity Provider” as you named it, instead of Google, Facebook, etc… So you can do OIDC flow with Okta, if your users are in it.