Unable to add query param client_secret in token api

Hello Team,

I am using @okta/okta-angular and after the authorize api is called then it is trying to call the token api but that is failing with the exception invalid_client, later on, when I investigated the issue using postman I found that client_secret is not getting added as a query param and using postman if I am adding the client secret then I am getting the correct output.

Please help me that how can I add client_secret while the token api is called.

Hi @shipa

Through the Angular package you can perform authorization code flow with PKCE or implicit flow. Authorization code flow with PKCE should not require a client secret to be added, as it uses code verifier and code challenge instead.