"invalid_client_application_type" Error
Overview

This article discusses the invalid_client_application_type error, which can occur when attempting to perform an OAuth 2.0 or OIDC flow. It typically happens during the /authorize request.

 

[Image: System log]

Applies To
  • API Access Management
  • OAuth 2.0 / OIDC
  • Custom Authorization Servers
  • Token exchange
  • Okta Identity Engine (OIE)
  • Okta Classic Engine
Cause

This error typically occurs when the Client ID used in the /authorize request belongs to an application type that does not support the requested flow. One example is using a Native app's Client ID in a client_credentials flow that requires a Service app.

Solution
  • Verify Application Type: In the Okta Admin Console, navigate to Applications > Applications and select the app in question. Check the "General" tab to confirm whether it is set as Web, Native, or SPA.
  • Correct the Client ID: Ensure the client_id used in the code, configuration, or API request matches the specific application intended for that flow.
  • Align Authentication Method: If the application is a SPA or Native app configured for PKCE only, a client_secret should not be passed.
  • Verify Grant Type: Under the application's General Settings > Grant type, ensure the grant type being requested (for example, authorization_code, client_credentials, implicit) is enabled for that application.
  • Update Authorization Server: Ensure the Client ID is correctly associated with the specific Authorization Server and Scope being requested.
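
The checks in the list above can be run as a pre-flight step before a request is sent. This is an added example, not Okta's code or part of the original article: the inventory, client IDs, and function names are constructed, and the field names are assumed to follow OAuth client registration metadata.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed inventory. Field names follow OAuth client registration metadata;
# treating your exported app settings as this shape is an assumption.
APPS = {
    "0oa-constructed-native": {
        "application_type": "native",
        "grant_types": ["authorization_code", "refresh_token"],
        "token_endpoint_auth_method": "none",  # PKCE only, no secret
    },
    "0oa-constructed-service": {
        "application_type": "service",
        "grant_types": ["client_credentials"],
        "token_endpoint_auth_method": "client_secret_basic",
    },
}

# response_type values on /authorize and the grant type each one needs enabled.
RESPONSE_TYPE_GRANT = {"code": "authorization_code",
                       "token": "implicit", "id_token": "implicit"}


def grants_for_authorize_url(url):
    """Return (client_id, sorted grant types) implied by an /authorize URL."""
    query = parse_qs(urlsplit(url).query)
    client_id = query.get("client_id", [""])[0]
    response_types = query.get("response_type", [""])[0].split()
    grants = {RESPONSE_TYPE_GRANT[r] for r in response_types if r in RESPONSE_TYPE_GRANT}
    return client_id, sorted(grants)


def preflight(apps, client_id, grant_type, client_secret=None):
    """List mismatches between a planned request and the app's settings."""
    app = apps.get(client_id)
    if app is None:
        return ["client_id is not in the inventory; confirm it is the intended app"]
    findings = []
    # The article's example: client_credentials used with a non-Service app.
    if grant_type == "client_credentials" and app["application_type"] != "service":
        findings.append("client_credentials needs a Service app, not " + app["application_type"])
    if grant_type not in app["grant_types"]:
        findings.append("grant type " + grant_type + " is not enabled for this app")
    # "browser" stands for a SPA in this constructed inventory.
    public = app["application_type"] in ("native", "browser")
    if public and app["token_endpoint_auth_method"] == "none" and client_secret:
        findings.append("PKCE-only app: do not send a client_secret")
    return findings
```

An empty list from `preflight` means none of the mismatches covered by the list above were found for that client and flow.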
