Documentation for OAuth PKCE feature¶ ↑

The oauth_pkce feature implements the OAuth 2.0 Proof Key for Code Exchange authorization code grant extension.

This feature depends on the oauth_authorization_code_grant feature.

Auth Value Methods¶ ↑

oauth_require_pkce	Enforces usage of PKCE, `true` by default.
oauth_pkce_challenge_method	challenge method used in PKCE flow, `S256` by default.
oauth_grants_code_challenge_column	the db column where the oauth grant PKCE code challenge is stored, `:code_challenge` by default.
oauth_grants_code_challenge_method_column	the db column where the oauth grant PKCE code challenge method is stored, `:code_challenge_method` by default.
oauth_code_challenge_required_error_code	oauth error code for when PKCE code challenge is required, `"invalid_request"` by default.
oauth_code_challenge_required_message	error description for the “code challenge required” OAuth error code, `"code challenge required"` by default.
oauth_unsupported_transform_algorithm_error_code	oauth error code for when the PKCE transform algorithm is unsupported, `"invalid_request"` by default.
oauth_unsupported_transform_algorithm_message	error description for the PKCE “unsupported transform algorithm” OAuth error code, `"transform algorithm not supported"` by default.