We know that SPFx web-part is client-side solution.
The practical implication of this term is, whichever APIs this web-part is dependent on, that API must be registered and secured with Azure-AD.
It could be MS-graph or any other API and SPFx has APIs like AadHttpClient and MSGraphClient to invoke it on behalf of the same user who has signed into SharePoint.
However, if my web-part wants to access some API which is a std. OAuth API but this API is NOT registered with AAD. Instead it is registered with some other identity solution eg., Okta, can such API be invokable by my web-part ??
If it was MS-teams custom app, teams provide java-script API to open up a modal-popup and let the custom app finish the full OAuth authentication flow with Okta.