Is there a reason device code is the only supported flow to get an access token? It should be fairly simple to support other options, either manually through Invoke-OktaApiClient or trivially by using MSAL with WithOidcAuthority($Configuration.BaseUrl).

Would you entertain a PR for this functionality?