revomatico / kong-oidc

OIDC plugin for Kong
Apache License 2.0

OIDC plugin with PKCE code_challenge config? #42

Open kedarkekan opened 9 months ago

kedarkekan commented 9 months ago

Hello,

Does the OIDC plugin support adding a random string as a code challenge in the authorize call, for IDPs that support clients using the authorization flow with PKCE?

We are using a confidential client with a client ID and client secret for the OIDC plugin; however, the client for the React app is a public client that uses PKCE. We observed that kong-oidc, during the 302 redirection, creates a location that the UI needs to invoke; however, since the code_challenge is missing from the /authorize call, the IDP will fail the request with 400 bad request.

kedarkekan commented 9 months ago

Something similar to what the Kong Enterprise OIDC plugin does, maybe?

config.authorization_query_args_names
config.authorization_query_args_values

ref: https://tech.aufomm.com/kong-oidc-plugin-extra-use-cases/