code_chellenge is required #840
Unanswered
GRRedWings
asked this question in
Q&A
Replies: 1 comment 3 replies
-
you can either disable PKCE for the mod_auth_openidc client in PingFederate, or enable PKCE in mod_auth_openidc's config with |
Beta Was this translation helpful? Give feedback.
3 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I'm sure I'm going to struggle asking the question correctly, but maybe someone can help me understand.
I have configured a location for AuthType of openid-connect. This works fine with our normal configurations with Azure & Google IDPs.
We are trying to connect to a PingFederate server and we get an error
Error: OpenID Connect Provider error: invalid_request
Description: code_challenge is required.
Based on a little research, I believe that this PF IDP is using PKCE flow. My question is, is it possible to configure something like OIDCResponseType to not use PKCE, or is there a different way I need to configure the AuthType?
We use AuthType of oauth2 for our Android PKCE flow, but when I try to use the same configuration and OAuth2TokenVerify of jwks_uri, I get an Unauthorized error.
Thanks for any help or direction.
Beta Was this translation helpful? Give feedback.
All reactions