I am implementing a OIDC implicit flow application and running into issues with Authorization Server configuration.
During my development, I used the
default custom authorization server (https://dev-xxxx.oktapreview.com/oauth2/default/v1/authorize) and it worked. However, when using my org OKTA, it is throwing “Invalid JOSE Header kid (xxxxxxx-uJPflI)”.
The issuer for Org OKTA I was given is:
Is it possible to authenticate an accessToken against the default Authorization Server? Any ideas on this?