Using (or not) auth0 from desktop apps

Looking for confirmation of research plse. I have auth0 successfully integrated into an SPA where users create accounts and license my product.

I’d like to create an experience in my desktop based product where the user can do the same natively, without having to break out a browser and copy and paste a generated license key back to the app as they have to today.

I don’t believe what I want to do is possible, from the reading and investigations, as the app runs on windows, macOS and Linux from a single Java Swing codebase, without embedding my client secrets in the app - a big no-no.

Am I right in thinking there’s no way to spawn the browser needed for lock.js style authentication, process the callback and check for success and retrieve the jwt from within java on those platforms plse?

Has anyone found a successful pattern for this plse?

Cheers
Alan