Open nicolassanmar opened 10 months ago
DocuSign does not support Authorization Code Grant in our SDKs since it is webstack dependent. Instead, a generic (not DocuSign specific) OAuth library should always be used. Node for example is usually used with Passport. Some support PKCE, others do not.
DocuSign now supports PKCE since March 2023 https://www.docusign.com/blog/developers/docusign-adds-support-pkce. Unfortunately there is no way to make use of PKCE using the SDK, and I have not found workarounds.
We should add PKCE support to the SDK, and here are two different ways to do so:
enablePKCE: true
to theApiClient
constructor, wherecode_challenge
andcode_verifier
are added to requests under the hood.code_challenge
andcode_verifier
in each relevant call.