glacials / splits-io

a speedrunning data store and analysis engine
https://splits.io
GNU Affero General Public License v3.0

Unclear if PKCE for OAuth2 works #746

Open glacials opened 3 years ago

glacials commented 3 years ago

When debugging the mobile app's OAuth2 flow I ran into invalid_grant issues exchanging a code for an access token when the client library was configured to use PKCE. Turning it off in the client library made the exchange work fine. I didn't look into specifics, but I know we (via Doorkeeper) are supposed to support PKCE. The library I was using was oauth2_client for Flutter.
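Added example, not part of the issue and not Doorkeeper's or oauth2_client's code: a reference version of the RFC 7636 check an authorization server runs when a code is exchanged, for comparing against what a client actually sends. The function names are hypothetical, and the handling of a missing verifier is an assumption (the RFC only specifies `invalid_grant` for a mismatch).

```ruby
require "digest"
require "securerandom"

# RFC 7636 section 4.1: verifier is 43-128 chars from the unreserved set.
VERIFIER_RE = /\A[A-Za-z0-9\-._~]{43,128}\z/

# base64url without "=" padding, as RFC 7636 requires.
def b64url(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

# Client side: 32 random bytes give a 43-character verifier.
def new_code_verifier
  b64url(SecureRandom.random_bytes(32))
end

# Section 4.2: BASE64URL(SHA256(ASCII(verifier))) over the raw digest bytes.
def s256_challenge(verifier)
  b64url(Digest::SHA256.digest(verifier))
end

# Constant-time string comparison.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Server side of the token request (section 4.6). Returns nil when the
# exchange may proceed, otherwise the OAuth2 error code the client sees.
def pkce_error(stored_challenge, stored_method, presented_verifier)
  return nil if stored_challenge.nil?               # grant was issued without PKCE
  return "invalid_grant" if presented_verifier.nil? # assumption: treated as mismatch
  return "invalid_grant" unless presented_verifier.match?(VERIFIER_RE)

  expected = case stored_method
             when "S256" then s256_challenge(presented_verifier)
             when "plain", nil then presented_verifier # "plain" is the default method
             else return "invalid_request"
             end
  secure_equal?(expected, stored_challenge) ? nil : "invalid_grant"
end
```

Any byte-level disagreement between the two sides (padding left on the challenge, a hex digest instead of the raw digest, a different method than the one sent at authorization) comes back from this check as `invalid_grant`.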