Menu
▾
▴
Re: [Unity-idm-discuss] PKCE for confidential clients
|
From: Krzysztof B. <kb...@un...> - 2024-01-25 16:56:27
|
Hi Sander, W dniu 23.01.2024 o 10:02, Sander Apweiler pisze: > Good morning Krzysztof, > good morning Roman, > > since PKCE is recommended for confidential clients as well, I wonder if > unity supports this for confidential clients, too? That was never tested a lot but should work. It is only not possible to enforce PKCE for confidential clients: it is opt in. However, if during the first OAuth stage (authzCode) PKCE code challenge i used, PKCE will be enforced later on. Best, Krzysztof |
