Jump to content

PKCE Extension (OAuth)


Recommended Posts

Can we possibly see Proof Key for Code Exchange(PKCE) implemented for OAuth2 / REST API in the future?


I noticed that by default the login controller appends a CSRFKey to the login request so I'd imagine it'd be possible to apply something similar for the users who want to use their community as an OAuth server for their desktop application (public, no client secret)


Until then I'm going to have to use Resource Owner Credentials / implicit which is not advised anymore.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...