Native Client Authentication Failing

I have a piece of code based on Okta’s sample, “WindowsConsoleSystemBrowser”.

I have a native (non-web) application and it is registered as such. When I try to authenticate the current user I get a response that reads:

Error redeeming code: Unauthorized / Client authentication failed. Either the client or the client credentials are invalid.

Here is my OidcClientOptions – very straightforward, I think:

OidcClientOptions options = new OidcClientOptions
    {
     Authority = "https://MyCompany.okta.com",
     ClientId = "0oaXXXXXXXXXXXXXX357",
     Scope = "openid",
     RedirectUri = redirectUri
     };

Now here’s a small piece of code that takes the OidcClientOptions and starts a Process on Windows to open a web browser:

OidcClient client = new OidcClient(options);
AuthorizeState state = await client.PrepareLoginAsync();

 Console.WriteLine($"Start URL: {state.StartUrl}");

CallbackManager callbackManager = new CallbackManager(state.State);

 // open system browser to start authentication
 Process.Start(state.StartUrl);

The browser opens for a moment and the callback URI is used to send the authentication response, even before the user gets a chance to enter a username/password. Again, the response is:

Error redeeming code: Unauthorized / Client authentication failed. Either the client or the client credentials are invalid.

That sounds like a failure happened during the /token request back to Okta. Are you able to review the actual request Okta was sent to see how its being authorized?

Also, for your Native app, within Okta, does it have a Client ID listed in its General settings or does it have “None” selected for “Client authentication”?