When authenticating with an invalid client_assertion_type we get a 401 response with invalid_client error instead of a 400 response with invalid_request error. And per section 5.2 of RFC-6749 we interpreted that an invalid client_assertion_type would result in an invalid_request error since it… “includes an unsupported parameter value (other than grant type)”
Is this something anyone else has run into? And is this something Okta can fix?