-
-
### Summary
Our Authorization Server expects a Basic Auth header included when requests are made to TokenEndpoint.
Please could you make this an option in the config, many thanks!
### Basic …
-
### Confirm you've already contributed to this project or that you sponsor it
- [X] I confirm I'm a sponsor or a contributor
### Describe the solution you'd like
Regarding the _Authorisation Code w…
-
For clients (especially single-page apps) using a [PKCE flow](https://www.oauth.com/oauth2-servers/pkce/) for authentication with UAA, `allowpublic: true` is required for the UAA client:
https://do…
-
The information you provide here will be included in the Open Liberty beta blog post ([example](https://openliberty.io/blog/2020/08/05/jakarta-grpc-beta-20009.html)), which will be published on [openl…
-
Is it possible to refresh expired access_token with refresh_token in code flow + PKCE in this library?
As mentioned in #548, the library supports signin with PKCE.
[RFC 7636 section-4.5](https://d…
-
## Library
- [ ] `msal@1.x.x` or `@azure/msal@1.x.x`
- [ X ] `@azure/msal-browser@2.x.x`
- [ ] `@azure/msal-node@1.x.x`
- [ ] `@azure/msal-react@1.x.x`
- [ ] `@azure/msal-angular@0.x.x`
- …
-
## Proposal: A built-in Go error check function, `try`
**This proposal has been [closed](https://github.com/golang/go/issues/32437#issuecomment-512035919). Thanks, everybody, for your input.**
B…
-
Many OAuth providers no longer support many flows without PKCE, yet the `oauth2` library doesn't have any built-in support. Generating code code verifiers and challenges must be done with a third part…
-
### Feature description
PKCE ([RFC 7636](https://tools.ietf.org/html/rfc7636)) is an extension to the [Authorization Code flow](https://oauth.net/2/grant-types/authorization-code/) to prevent CSRF an…