How protected are tokens in OKTA?

I just wanted to know how OKTA ensures its ID Token, Access Token and Refresh Tokens are secured and safe from token attacks such as those mentioned here?

Common Token Attacks:
• None Hashing Algorithm,
• Token Sidejacking,
• No Built-In Token Revocation by the User (this one I think is already handled since OKTA has a token revocation endpoint)
• Token Information Disclosure
• Token Storage on Client Side

The developer may have some responsibility in this too but want to know what are those handled by OKTA.