
User16395792769096295084 (Customer) asked a question.
I'm developing a Spring Boot application which will be able to call Okta Users API to get user's information using OAuth2 as the authorization method. I'm trying to use refresh tokens, so that they do not expire every 60 minutes.
I followed the steps in the documentation (mainly this https://developer.okta.com/docs/guides/refresh-tokens/main/), but many points are still not clear:
- I configured the Application with grant types Authorization Code and Refresh Token, and a callback URL pointing to my app. This part works, I receive the request containing the code. My problem is that I don't have a way to identify which Okta environment this code belongs to (there might be different clients using this functionality). Is there something else that is sent along to this callback URL that helps identify the Okta environment?
- Once I obtain this code, I'm supposed to use it to make calls to /oauth2/v1/token to obtain a refresh token, but it seems to require some other parameters like code_verifier which I do not know how to obtain.
- In case I'm able to finally get this refresh token, how do I need to use it to authenticate API calls such as /api/v1/users?
As you can see, I'm pretty lost here. Any help will be very much appreciated.

@User16395792769096295084 (Customer) -- You will likely have better luck on the developers forum. But for OAuth you typically need the offline_access scope to do refresh tokens.
https://developer.okta.com/docs/guides/refresh-tokens/main/
The expectation is the process would then grant you a refresh token. You would need a method to store this so when the access token expires and a 401 is kicked back you can leverage the refresh token to obtain a new access token.
Dev forum: https://devforum.okta.com/
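
The refresh-on-401 flow described in the reply above, as an added example that is not code from this thread or from Okta. It is written in Python so it runs offline; `OktaSession`, the `send` transport signature, `fake_okta`, the `example.okta.com` domain and all token values are hypothetical or constructed, and it assumes a public client that identifies itself with `client_id` (a confidential client would authenticate to the token endpoint with its secret instead).

```python
"""Refresh-on-401 sketch. `send` is an injected HTTP transport (hypothetical
signature) so the flow runs offline; swap in a real HTTP client in practice."""

OKTA = "https://example.okta.com"   # placeholder Okta domain (assumption)


class OktaSession:
    def __init__(self, send, client_id, access_token, refresh_token):
        self.send = send
        self.client_id = client_id
        # Both tokens come from the authorization-code exchange requested with
        # the offline_access scope; keep the refresh token in protected storage.
        self.access_token = access_token
        self.refresh_token = refresh_token

    def _refresh(self):
        # The refresh token is only ever sent to the token endpoint.
        status, body = self.send("POST", OKTA + "/oauth2/v1/token", {}, {
            "grant_type": "refresh_token",
            "refresh_token": self.refresh_token,
            "client_id": self.client_id,
        })
        if status != 200:
            raise PermissionError("refresh rejected; user must re-authorize")
        self.access_token = body["access_token"]
        # If the server rotates refresh tokens, keep the newest one.
        self.refresh_token = body.get("refresh_token", self.refresh_token)

    def get(self, path):
        # API calls carry the access token, never the refresh token.
        for attempt in range(2):
            headers = {"Authorization": "Bearer " + self.access_token}
            status, body = self.send("GET", OKTA + path, headers, None)
            if status != 401 or attempt == 1:
                return status, body
            self._refresh()   # expired access token: refresh once, then retry


def fake_okta(method, url, headers, form):
    """Constructed stand-in for Okta: only access token 'AT-2' is valid."""
    if url.endswith("/oauth2/v1/token"):
        if form.get("refresh_token") == "RT-1":
            return 200, {"access_token": "AT-2", "refresh_token": "RT-2"}
        return 400, {"error": "invalid_grant"}
    if headers.get("Authorization") == "Bearer AT-2":
        return 200, [{"id": "constructed-user"}]
    return 401, {}
```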