Make angular app authentification/authorization work with pkce

Below my app settings:

I have my plain vanilla angular app (accessing a spring boot service) and I installed okta schematics with it. apparently it sets up pkce by default. this has not worked for me because of the following error:
OAuth2 token request

failure : invalid_token_endpoint_auth_method

then I modified the code a bit, added logout redirect uri to the app and made the implicit code flow work.
Now what do I have to change in my angular app and/or my okta application settings to make pkce workflow work?

You need to create a SPA app for Angular, not a Web app like you’re using. A web app requires a client secret when using Auth code flow, a SPA app uses PKCE when using Auth code flow.

if I am to have a spring boot service that can be accessed from angular, android app and postman, do I then have to create different apps for each type of client? Or what would be the recommended workflow for such a scenario?

It’s possible you could use a native app for both Angular and Android since both our SDKs support PKCE. For Postman requests, you’ll need a way to get an access token to make your requests. You could code something up in Spring Boot to display an access token, or create an app with implicit flow and use something like https://oidcdebugger.com to retrieve the token.

1 Like

thank you for the answer. could you recommend a good blog post or other kind of instruction on how to implement the native app workflow? I guess I can handle the Postman case:)

Here’s a blog post I wrote about React Native that might help.