According to the Token Introspection draft (https://tools.ietf.org/html/draft-ietf-oauth-introspection-11):

> token_type_hint OPTIONAL. A hint about the type of the token
> submitted for introspection. The protected resource MAY pass this
> parameter to help the authorization server to optimize the token
> lookup. If the server is unable to locate the token using the
> given hint, it MUST extend its search across all of its supported
> token types. An authorization server MAY ignore this parameter,
> particularly if it is able to detect the token type automatically.
> Values for this field are defined in the OAuth Token Type Hints
> registry defined in OAuth Token Revocation

It seems like Okta is simply ignoring this parameter if it is able to locate the right token based on the token value. I’m guessing the performance of this endpoint is boosted when you pass the right token_type_hint as the auth server will be able to quickly locate the right token.
As far as I understand, this is an expected behavior and not a bug.
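
The lookup rule quoted from the draft, as an added example that is not part of the original post and is not Okta's implementation: the hint only changes which store is searched first, and a wrong or unknown hint still finds the token. The `STORES` dictionaries, the token values and the `introspect` function are constructed for illustration.

```python
# Constructed in-memory token stores (assumption for this example); a real
# authorization server would query its own storage or validate signed tokens.
STORES = {
    "access_token": {"at-123": {"sub": "alice", "scope": "read"}},
    "refresh_token": {"rt-456": {"sub": "alice", "scope": "read offline_access"}},
}


def introspect(token, token_type_hint=None):
    """Return (response, lookups): the introspection response and the
    number of stores that had to be searched to produce it."""
    order = list(STORES)
    # The hint is an optimization only: it moves one store to the front.
    # An unrecognized hint is ignored rather than rejected.
    if token_type_hint in STORES:
        order.remove(token_type_hint)
        order.insert(0, token_type_hint)

    lookups = 0
    for token_type in order:
        lookups += 1
        record = STORES[token_type].get(token)
        if record is not None:
            return {"active": True, **record}, lookups

    # Searched every supported token type without a match: the token is
    # reported as inactive, with no detail about why.
    return {"active": False}, lookups


if __name__ == "__main__":
    for tok, hint in [
        ("rt-456", "refresh_token"),  # correct hint: found on first lookup
        ("rt-456", "access_token"),   # wrong hint: search is extended
        ("rt-456", None),             # no hint: default search order
        ("at-123", "bogus"),          # unknown hint: ignored
        ("nope", "access_token"),     # unknown token: inactive
    ]:
        response, lookups = introspect(tok, hint)
        print(f"token={tok!r} hint={hint!r} lookups={lookups} -> {response}")
```

The response is the same whether the hint is right, wrong or missing; only the lookup count differs, so a mismatched hint does not hide a valid token.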