Is window Server 2019 support PKCE flow?

Question

Hi MS Team,

I setup new ADFS (Window server 2019) and as per below document link it should support PKCE:

https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/overview/whats-new-active-directory-federation-services-windows-server

but after successfully setup when I look .well-know openid-configuration, that configuration look like Implicitly flow.
because "code_challenge_methods_supported" was not present
and as per PKEC guideline and instruction, to support PKCE code_challenge_methods_supported should plain or S256.

is there any other way to enable PKCE after setup or is there any document that give step by step to setup ADFS that support PKCE?

Few point may help:

1. I have experience to setup ADFS so it's not first time I am doing.
2. New ADFS we need that should support PKCE flow.

Thanks,
Amit Kumar

Answer 1

Any updated on above concern.

Answer 2

The documentation says it is implemented. Have you try using it and it did not work?
Or does the code of your application rely on the code_challenge_methods_supported to go forward with the flow?
Cause the Microsoft.IdentityServer.Web.Protocols.OAuth.OAuthAuthorization namespace has the CodeChallengeMethod enum defined with Plain and S256.

I'll inquire to see if there are known issues with it.