You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PKCE is recommended whenever the OAuth2 client has no client secret or has a client secret that cannot remain confidential (e.g., native, mobile, or client-side web applications).
While researching what flow to use I found this comment which links some useful information on why PKCE is recommended even for confidential clients. This is pretty interesting and I feel like it would have been useful to find this when reading the crate docs.
The text was updated successfully, but these errors were encountered:
https://docs.rs/oauth2/5.0.0-rc.1/oauth2/index.html#getting-started-authorization-code-grant-w-pkce currently notes:
While researching what flow to use I found this comment which links some useful information on why PKCE is recommended even for confidential clients. This is pretty interesting and I feel like it would have been useful to find this when reading the crate docs.
The text was updated successfully, but these errors were encountered: