I have a SPA setup, and I’m trying to get server-side integration tests to work with Okta. Normally users get a token via PKCE, then pass it to the API in a header. Now I’m working on adding integration tests to the API, and I’d like for them to use the same authentication logic as normally happens. That way, all the auth logic is exercised by the tests. However, it looks like it’s not possible to use the Client Credentials flow with a SPA. Is that correct?
I know I could create a separate application for the integration tests, but then that adds complication to my API because the okta libraries only work with one clientID, so I’d have to add logic to do a separate auth flow for the integration tests. What’s the best way to do this?