-
Type:
Improvement
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: documentation
-
Labels:
https://backstage.forgerock.com/#!/docs/openam/13.5/reference
Does not directly mention PKCE that I could find but a customer noted:
"PKCE is refenced in this page, you have to search "Code Verifier Parameter Required"."
An internal note states:
"Is the ask whether we support at all (ie the draft which is shipped in 13.5) or we support the final spec https://tools.ietf.org/html/rfc7636 ? The draft is implemented in 13.5 and should work and is supported. OAuth2 client authentication modules however are not PKCE enabled."
We should amend documentation to detail the level of support of PKCE in OpenAM 13.5 and future versions.