Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add optional support for PKCE #320

Merged
merged 2 commits into from
Aug 21, 2020
Merged

add optional support for PKCE #320

merged 2 commits into from
Aug 21, 2020

Conversation

bodewig
Copy link
Collaborator

@bodewig bodewig commented Mar 27, 2020

Initially PKCE has only been used for publci clients but recent security best practices recommend enabling it for confidential clients as well. See also the recent OAuth 2.1 draft https://tools.ietf.org/html/draft-parecki-oauth-v2-1-01

@bodewig bodewig requested a review from zandbelt March 27, 2020 16:40
@dholth
Copy link
Contributor

dholth commented Apr 6, 2020

I was looking for this today.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants