code_chellenge is required #840
              
                Unanswered
              
          
                  
                    
                      GRRedWings
                    
                  
                
                  asked this question in
                Q&A
              
            Replies: 1 comment 3 replies
-
| you can either disable PKCE for the mod_auth_openidc client in PingFederate, or enable PKCE in mod_auth_openidc's config with  | 
Beta Was this translation helpful? Give feedback.
                  
                    3 replies
                  
                
            
  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment
  
        
    
Uh oh!
There was an error while loading. Please reload this page.
-
I'm sure I'm going to struggle asking the question correctly, but maybe someone can help me understand.
I have configured a location for AuthType of openid-connect. This works fine with our normal configurations with Azure & Google IDPs.
We are trying to connect to a PingFederate server and we get an error
Error: OpenID Connect Provider error: invalid_request
Description: code_challenge is required.
Based on a little research, I believe that this PF IDP is using PKCE flow. My question is, is it possible to configure something like OIDCResponseType to not use PKCE, or is there a different way I need to configure the AuthType?
We use AuthType of oauth2 for our Android PKCE flow, but when I try to use the same configuration and OAuth2TokenVerify of jwks_uri, I get an Unauthorized error.
Thanks for any help or direction.
Beta Was this translation helpful? Give feedback.
All reactions