Does the IdP OIDC extension support PKCE?

Henri Mikkonen henri.mikkonen at
Thu Aug 20 09:29:22 UTC 2020

> On 20 Aug 2020, at 0.23, Wessel, Keith <kwessel at> wrote:
> I don't see anything in the OIDC extension docs about this, so I figured I'd ask. Does the OIDC extension support PKCE and the use of a code_challenge parameter in place of a client secret in an authorization request? This is, obviously, in the context of mobile apps and not having to embed the client secret in the app.

Yes, PKCE is supported since 1.1.0. I’ve just added a case example at the end of the following Wiki-page: <>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list