Menu
I created a spa application owned by my organization only, but there was a problem when I requested code. How can I resolve it?
425
Proof Key for Code Exchange (abbreviated PKCE, pronounced “pixie”) is an extension to the authorization code flow to prevent CSRF and authorization code injection attacks.
PKCE OAuth OIDC. PKCE is an OAuth 2.0 security extension for public clients on mobile devices intended to avoid a malicious programme creeping into the same computer from intercepting the authorisation code. The RFC 7636 introduction discusses the mechanisms of such an attack.
A redirect URI, or reply URL, is the location where the authorization server sends the user once the app has been successfully authorized and granted an authorization code or access token.
I can reproduce your problem, you have to add the redirect URL under the web (not single page application). After that, you will be able to use the auth code flow to get the code.
Similar problem,see: here and here and here.
200
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
