We want to use Okta as OIDC client to work with OIDC Open Id Client. We want hybrid kind of model means both PKCE with authorization_code and Client credentials to work in single application. Front end will use PKCE for /authorize and /token and backend will use /introspect with Basic client credentials to verify token. I can accommodate only one client details, Is it possible?
In Okta if we create “Web Application” in OIDC we are not able to used Pure PKCE flow using React, it expects client id and client secret.
No, this is not possible in Okta. You can only enable Client Credentials flow on either a Web or Service type application and PKCE with client authentication “None” is only available for Native or SPA type applications.