As a user of NGINX Ingress Controller, I would like to ensure my OIDC Policies can enable PCKE (Proof of key exchange) to further enhance the security posture of my applications
UACs:
[ ] Update OIDC policy to enable toggling the $oidc_pkce_enable directive
[ ] Update documentation to detail the implications of this setting
As a user of NGINX Ingress Controller, I would like to ensure my OIDC Policies can enable PCKE (Proof of key exchange) to further enhance the security posture of my applications
UACs:
$oidc_pkce_enable
directiveReferences:
This directive is currently configured in our templates here: https://github.com/nginxinc/kubernetes-ingress/blob/release-3.7/internal/configs/version2/nginx-plus.virtualserver.tmpl#L92