Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to disable PKCE on signInWithExternalAuth #3266

Closed
rahul1 opened this issue Nov 8, 2023 · 0 comments · Fixed by #3279
Closed

Add option to disable PKCE on signInWithExternalAuth #3266

rahul1 opened this issue Nov 8, 2023 · 0 comments · Fixed by #3279
Assignees
@ThatOneBro
Labels
auth Authentication and authorization features and fixes
Milestone
November 30, 2023

Comments

@rahul1
Copy link
Member

rahul1 commented Nov 8, 2023
edited
Loading

Right now, our authentication methods, including signInWithExternalAuth, add a code_challenge and code_challenge_method to enable PKCE authentication.

Some 3rd party identity providers, such as Azure SSO, decide whether or not to enable PKCE authentication based on whether the client initiates in their call to /authorize

To allow clients to disable PKCE for these IDPs, we should allow them to disable sending PKCE params in the signInWithExternalAuth calls
@rahul1 rahul1 added the auth Authentication and authorization features and fixes label Nov 8, 2023
@rahul1 rahul1 assigned rahul1 and codyebberson and unassigned rahul1 Nov 8, 2023
@rahul1 rahul1 changed the title Add option to disable PKCE on signInWithExternalAuth Add option to disable PKCE on `signInWithExternalAuth` Nov 8, 2023
@rahul1 rahul1 changed the title Add option to disable PKCE on `signInWithExternalAuth` Add option to disable PKCE on signInWithExternalAuth Nov 8, 2023
@rahul1 rahul1 added this to the November 30, 2023 milestone Nov 8, 2023
@ThatOneBro ThatOneBro assigned ThatOneBro and unassigned codyebberson Nov 8, 2023
@ThatOneBro ThatOneBro mentioned this issue Nov 9, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ThatOneBro ThatOneBro

Labels
auth Authentication and authorization features and fixes
Projects
Medplum Product Roadmap
Archived in project
Milestone
November 30, 2023
Development

Successfully merging a pull request may close this issue.

feat(auth/external): make PKCE on external auth optional medplum/medplum
3 participants
@codyebberson @rahul1 @ThatOneBro