The format of the authorization response is controlled via the response_mode parameter. Okta supports several modes including query, fragment, form_post, and okta_post_message (proprietary).
The authorization endpoint is not a JSON API. Its intended to be a front channel endpoint that you redirect the browser to. The token endpoint is the back channel endpoint that returns JSON.
Are you trying to use OIDC from a Single Page App? If so, you might want to look at using okta_post_message which can use HTML5 PostMessage with a hidden iframe.