Hi,
We have an application that has parts for admins on a standard java web app, and for end users its on mobile devices. In the dev instances of okta, we have had to do two app registrations. One for Web and One for Mobile, resulting in separate clientIds.
Is this a limitation of the free account ? Other providers (e.g Azure) let you add multiple platforms under the same app registration(clientId)
Thanks
the app types are only tied to available grant types and authentication methods
in this case, if you are using the standard authorization code flow the web app can be used in both instances, otherwise if you are using the PKCE extension, the native app can be used for both
having multiple clients isn’t required
well the grant type is authorization_code in both cases. However when the app developers tried to use the pkce flow with the web-type in okta (without client secret). When I created a new app-type for them in okta (its my dev account), the app devs got the token without any change. I am unsure how the apps will be able to use the Web version, without giving them the clientSecret.
I can potentially switch to the web version , however it asks to make a strict choice on that screen between public client (pkce) and confidential client (clientSecret-web). What I am trying to do is use both public client (pkce-native) and confidential client (clientSecret-web) under the same app registration in okta.