Getting `unauthorized_client` error while introspecting token from NestJS API
Hello everyone 
I'm trying to implement authentication via Zitadel on a NestJS REST API, like on this example repo. On the Zitadel side, I have a project with two apps:
- one with “API” type, with JWT private key authentication (dedicated to the NestJS API)
- one with “User Agent” type, with PKCE authentication (so that a user can retrieve an access token).
With a client like Postman, I'm able to fetch a user access token via “Authentication Code” grant type and the
I'm trying to implement authentication via Zitadel on a NestJS REST API, like on this example repo. On the Zitadel side, I have a project with two apps:- one with “API” type, with JWT private key authentication (dedicated to the NestJS API)
- one with “User Agent” type, with PKCE authentication (so that a user can retrieve an access token).
With a client like Postman, I'm able to fetch a user access token via “Authentication Code” grant type and the
/oauth/v2/authorize/oauth/v2/authorize and /oauth/v2/token/oauth/v2/token endpoints. When calling a NestJS API endpoint protected by Zitadel authentication, the call to the introspection endpoint made in the strategy.jsstrategy.js file of the passport-zitadelpassport-zitadel library receives a 400 Bad Request, indicating “unauthorized_client”. Any ideas?