@phi1ipp thanks again. The app was using SAML, but was not set up to receive the SAML assertion.
I’ve created a new OIDC app in Okta and am trying to now configure my custom login to use the new app, although now running into a different issue. I can’t seem to figure out how to use the Authentication API to login using my app’s sign-on policy. If I specify an audience in the request, I get an error saying “Sign-in not allowed for app ‘{appId}’”. If I don’t specify an audience, it seems the org-wide policy is used. Is it possible to use the Authentication API to sign-in to a specific application?
Edit: I’ve opened up a separate topic here for my latter question: Using Application Sign-on Policy with MFA via API. Thanks again for your help.