You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now, our authentication methods, including signInWithExternalAuth, add a code_challenge and code_challenge_method to enable PKCE authentication.
Some 3rd party identity providers, such as Azure SSO, decide whether or not to enable PKCE authentication based on whether the client initiates in their call to /authorize
To allow clients to disable PKCE for these IDPs, we should allow them to disable sending PKCE params in the signInWithExternalAuth calls
The text was updated successfully, but these errors were encountered:
rahul1
changed the title
Add option to disable PKCE on signInWithExternalAuth
Add option to disable PKCE on `signInWithExternalAuth`
Nov 8, 2023
rahul1
changed the title
Add option to disable PKCE on `signInWithExternalAuth`
Add option to disable PKCE on signInWithExternalAuth
Nov 8, 2023
Right now, our authentication methods, including signInWithExternalAuth, add a
code_challenge
andcode_challenge_method
to enable PKCE authentication.Some 3rd party identity providers, such as Azure SSO, decide whether or not to enable PKCE authentication based on whether the client initiates in their call to
/authorize
To allow clients to disable PKCE for these IDPs, we should allow them to disable sending PKCE params in the
signInWithExternalAuth
callsThe text was updated successfully, but these errors were encountered: