auth0 / k8s-pixy-auth

k8s plugin to authenticate against an OIDC compatible issuer using PKCE (pixy) flow
MIT License

Device Authorization Flow #29

Open adrienjt opened 4 years ago

adrienjt commented 4 years ago

Hi, any plans to support the Device Authorization Flow (the one with a device code and no local server)?

Maybe in a new repo like auth0/k8s-device-auth?

Anyway, from a security standpoint, why is the Device Authorization Flow now recommended by Auth0 for CLIs vs. PKCE?

grounded042 commented 4 years ago

At this point in time there are no plans to support device authorization flow, but my guess is that a good portion of this repo could be re-used there. I'll check in with the team to get a better answer on Device Authz vs PKCE.

JimCMorrison commented 4 years ago

Hey there all!

> why is the Device Authorization Flow now recommended by Auth0 for CLIs vs. PKCE

Device Authorization Flow is intended for devices where the user has no direct input (example could be a TV or fridge). When it comes to the CLI, the user does have a keyboard to add data directly with. As always we are happy to help with any additional questions you may have in our Auth0 Community!

adrienjt commented 4 years ago

Hi @JimCMorrison, please click the link under "recommended" in my original post. It goes to this page: https://auth0.com/docs/integrations/using-auth0-to-secure-a-cli which specifically recommends the Device Authorization Flow for CLIs.

The same page used to recommend PKCE for CLIs. The first line of k8s-pixy-auth's readme actually links to it, even though PKCE is not even mentioned in it anymore.

JimCMorrison commented 4 years ago

I apologize @adrienjt for not getting back to you sooner as I’ve been out of the office. I can’t speak to the long term feature support in this particular repo and whether or not it will accommodate Device Authorization Flow.

However, as discussed within our team, there are a few advantages that the device flow has over traditional Authorization+PKCE:

I will also request the Readme on this repo get updated accordingly. Thank you.