Update OIDC Client JWKS keys

Hello All,

I am creating OIDC Client using Dynamic Client Registration API (Okta Java SDK). I was able to create the client using DefaultOIDCApplicationBuilder and set the JWKS keys on the client.

Now, I am trying to update the JWKS on Client.


  1. I retrieve the Client/Application using Client.getApplication(clientId)
  2. Cast the Application retrieved in Step 1 to DefaultOpenIdConnectApplication
  3. Set JWKS keys on the Applicaiton
  4. Call DefaultOpenIdConnectApplication.update() after setting the JWKS keys

I get below error
com.okta.sdk.resource.ResourceException: HTTP 403, Okta E0000006 (You do not have permission to perform the requested action), ErrorId oaeFQx4CeCoQ8edfQWQStMhAQ

But I think I have the right scopes set on the Application I used to to connect to Okta.

The Okta API scopes on the application are:

Any idea what I might be doing wrong ? Or do I need any other API scope set/configuration for updating JWKS keys of existing client ?