I am trying to run the sample Postman script described here:
For the authorize endpoint, I do not know what to set for the callback. Per standard OIDC, I assume I need to set the same callback in the authorization request as is in the OKTA application, right?
I saw one post describing the use of the Postman Interceptor, but I am still unclear.
Do I have to have another web app running at the same time to display the log in screen?
One site suggested using https://oauth.pstmn.io/v1/browser-callback, but that did not work.
What should the callback be set to???
Thanks for any help
Also, for {{url}}/oauth2/v1/introspect, why does the collection set the user id and password to clientId and client secret? I see the id and secret are neede, but why are they put in the user id and pwd headers?