Missing parameter code_challenge_method

Question

I'am learning oauth 2.0 and used keycloak as authorization server.whenever I'am sending following request:-

http://localhost:7070/auth/realms/developer/protocol/openid-connect/auth?client_id=tcs&response_type=code&scope=openid profile&redirect_uri=http://localhost:8080/callback&state=zxczczxc232

I got error given below:-

http://localhost:8080/callback?error=invalid_request&error_description=Missing+parameter%3A+code_challenge_method&state=zxczczxc232

Answer 1

keycloak has PKCE enabled and because of that, you as a client must send a code_challenge as part of the initial authentication request.

What you need to do is to:

1. Generate a random value (code_verifier)
2. Calculate the hash of that value (code_challenge)
3. Send the code_challenge in your initial auth request
4. Send the code_verifier when you later ask for the tokens

Like this picture shows below:

Answer 2

I have counter same problem and my solution is: Step to fix is: Clients task -> Choose your client -> Advance Setting -> Go to selection box: Proof Key for Code Exchange Code Challenge Method -> Make it empty(not select any thing) And you don't need to provide parameter code_challenge_method