Get a Service Application JWT with a Client Secret

Is it possible to get a service application JWT with a client secret using the org authorization server? I have found ways to do this using the /default AZ and a custom AZ, however I am unable to get okta.* scopes when using the default or custom authorization server.

It seems I can accomplish this using the Implement OAuth for Okta with a service app guide. However, I need to achieve that without having to create and sign a JWT. Can I not just simply retrieve a JWT for a service app with an okta.* scope with a client secret?

Hi @sseekamp, With the org auth server, you will need to use the private_key_jwt client authentication method, as shown on the documentation you linked. Okta scopes are only available with the org auth server, and the private_key_jwt client authentication method is the only supported method for OAuth service apps that want to get access tokens with Okta scopes.

1 Like

Thanks @louie are there an alternatives to creating/signing a JWT manually? Is there a way to retrieve a JWT from Okta for a service app that includes the iss/sub claim as the client id with a client secret?