The following error is returned when making a request to the /token endpoint to retrieve OIDC/OAuth tokens:
invalid_token_endpoint_auth_method
- OpenID Connect (OIDC)
- OAuth 2.0
This error is returned if the application created within Okta does not support the client authentication method used in the request. Either the integration is sending the wrong type of client authentication, or the application is misconfigured within Okta.
The solution for this error will depend on the type of application created within Okta and how the token call includes its client authentication.
- If working on a JavaScript Single Page Application (SPA) (for example, using Okta's Angular, Vue, React, AuthJS, or Widget libraries), then the application within Okta used by this application must be configured for PKCE auth without a Client Secret, with Client authentication set to None. If the application created has a Client Secret, create a new SPA within Okta; an OIDC application of type SPA will not have a Client Secret. If there is already an SPA but its Client authentication is not set to None, set it to None using the Apps API; see the article How to Set Client Authentication to "None" Using REST API for SPA and Native Apps for details on how to configure this.
- If working on a Mobile application (for example, using Okta's iOS, Android, React Native, or Xamarin libraries), then the application within Okta used by this application must be configured for PKCE auth without a Client Secret. If a Native app in Okta has already been created, make sure Client authentication is set to None.
- If working on a Web application where a server will be making this /token request (for example, using Okta's Java Spring, Node Middleware, or .NET OIDC libraries), then the application within Okta used by this application should be configured with Client authentication set to either Client Secret or Public key / Private key.
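
To find which side is wrong, it helps to see what the integration actually sends. The following is an added example, not Okta code: it classifies the client authentication carried by a captured /token request, using the method names from OpenID Connect Core, and compares it with the app's Client authentication setting. The function names, the `SETTING` mapping and the sample request are assumptions made for illustration.

```python
import base64
import json
from urllib.parse import parse_qs

JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"

# Assumed mapping from the method seen on the wire to the three
# Client authentication settings the article names.
SETTING = {
    "none": "None",
    "client_secret_basic": "Client Secret",
    "client_secret_post": "Client Secret",
    "client_secret_jwt": "Client Secret",
    "private_key_jwt": "Public key / Private key",
}

def jwt_alg(token):
    """Read 'alg' from a JWT header without verifying the signature."""
    seg = token.split(".")[0]
    try:
        return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))).get("alg", "")
    except (ValueError, AttributeError):
        return ""

def detect_client_auth(headers, body):
    """Return the client authentication method a /token request carries."""
    form = {k: v[0] for k, v in parse_qs(body).items()}
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), "")
    if auth.lower().startswith("basic "):
        return "client_secret_basic"
    if form.get("client_assertion_type") == JWT_BEARER and "client_assertion" in form:
        # HMAC algorithms are keyed with the client secret; others use a private key.
        return "client_secret_jwt" if jwt_alg(form["client_assertion"]).startswith("HS") else "private_key_jwt"
    if "client_secret" in form:
        return "client_secret_post"
    return "none"

def check_request(configured, headers, body):
    """Compare what the request sends with the app's configured setting."""
    sent = detect_client_auth(headers, body)
    return {"sent": sent, "configured": configured, "mismatch": SETTING[sent] != configured}

if __name__ == "__main__":
    # Constructed sample: an SPA app set to "None" whose integration still posts a secret.
    body = "grant_type=authorization_code&code=CODE&code_verifier=VERIFIER&client_id=CLIENT_ID&client_secret=PLACEHOLDER"
    print(check_request("None", {"Content-Type": "application/x-www-form-urlencoded"}, body))
```

A `mismatch` of `True` means either the integration or the app setting has to change, following the cases listed above. Run it only against requests captured in a test environment, since the body can contain a live secret or authorization code.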
