This issue was resolved by the Client Authentication Endpoint setting being POST by default instead of NONE. Appears to be a common issue and a bug where the SPA setting is defaulting to POST which is not correct.
1 Like