I am attempting to build a custom connector for Workday as a replacement for the Workday HCM connector not going into production. I have run into one major hurdle that has put a complete stop to my custom connector development. Power Platform requires that I have a client secret for the API I am integrating with. For my Workday Report as a Service (RaaS) REST-based API, a client secret is not generated and is the standard for this API when defining permissions based on the user. This API uses an OAuth 2.0 implicit grant or authorization code to authenticate users neither of which use of a client secret. Since the custom connector security page requires that the connecting API have a client secret, there is no way for me to connect these two services. I am asking that the requirement for a client secret be removed in order to facilitate OAuth 2.0 API authentication that doesn't have or use a client secret. If the client secret requirement was removed, it would allow me to finally authenticate with my API.
Within Postman, I am able to connect to the API just fine without a client secret. I would like this kind of functionality in custom connectors.