I currently have a scenario where the client has a JWT that’s signed by Apple. I’ve also configured Apple as a Identity Provider for our authorization server (so Sign In With Apple works). What I want to do is for the client to be able to use the Apple signed JWT to authenticate with Okta and get an Okta signed JWT token back.
Basically, what’s specified here: https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-12#section-2
Is that possible?