My application will log in some of the type but not nearly all of the time. When it does login things go swimmingly, I get my refresh and access tokens as expect but more than 70% of the time OKTA return and invalid_grant error:
error = "invalid_grant"; "error_description" = "PKCE verification failed.";
When it succeed it’s seems to be no different than when it fails. It uses the exact same code but sometimes okra does like it and sometimes it does. I can’t be the redirect uri because would never work. It’s definitely not the grant_type because it would also never work and it does sometimes. Similarily with the client_id. The authorization code I’m getting from okta so that can’t be it. The only thing left is the code verifier which you would think would be the returned error if that was the problem. I’m stumped and have been for a while.