@PostMapping(path = "/verify", produces = {
MediaType.APPLICATION_JSON_VALUE })
public ResponseEntity<Registration> verify(@RequestParam(name = "token") String activationToken,
@RequestBody(required = false) Registration registration, final HttpServletRequest request,
final HttpSession session) {
final RequestContext requestContext = OktaUtils.constructRequestContext();
requestContext.setUserAgent(request.getHeader("USER-AGENT"));
requestContext.setIpAddress(request.getRemoteAddr());
AuthenticationResponse beginResponse = idxAuthenticationWrapper.beginUserActivation(activationToken,
requestContext);
log.info("Begin Response Status {}",
beginResponse.getAuthenticationStatus());
return new ResponseEntity<>(HttpStatus.OK);
}
Okta returns error: Error Detail: [invalid_request:Only confidential clients can use the activation token flow]
Question: How do you establish a confidential client?
I have configured in the Admin Console with multiple different Application types with Client Secret and Interaction Code enabled but unable to determine how to establish a confidential client for the SDK (GitHub - okta/okta-idx-java: okta-idx-java).