Is this still the case that B2C doesn't support PKCE for external identities.
External Identity providers: how to configure code_challenge? Auth Request from B2C to OIDC provider does not pass code_challange_method in request
We have configured OpenID Connect provider in Azure B2C that supports 'Authorization Code Flow with PKCE' (does not support implicit flow)
When user select the user store during login the auth request throw an error :
"invalid_request, Error Description: Missing parameter: code_challenge_method
it does not pass code_challenge & code_challenge_method in request - Am I missing any configuration ?
How do we pass missing para from B2C ?
2 answers
Sort by: Most helpful
-
-
Chintan Bhatt 1 Reputation point
2021-03-04T06:07:08.243+00:00 Ok, so B2C does not support PKCE for external IDP’s. The reason being B2C would be consider a “confidential client” in respect to OAuth/OIDC.
Authorization code flow with client secret works fine!