Is window Server 2019 support PKCE flow?

Amit Singh 1 Reputation point

Hi MS Team,

I setup new ADFS (Window server 2019) and as per below document link it should support PKCE:

but after successfully setup when I look .well-know openid-configuration, that configuration look like Implicitly flow.
because "code_challenge_methods_supported" was not present
and as per PKEC guideline and instruction, to support PKCE code_challenge_methods_supported should plain or S256.

is there any other way to enable PKCE after setup or is there any document that give step by step to setup ADFS that support PKCE?

Few point may help:

  1. I have experience to setup ADFS so it's not first time I am doing.
  2. New ADFS we need that should support PKCE flow.

Amit Kumar

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
2,630 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,030 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Amit Singh 1 Reputation point

    Any updated on above concern.

    0 comments No comments

  2. Pierre Audonnet - MSFT 10,091 Reputation points Microsoft Employee

    The documentation says it is implemented. Have you try using it and it did not work?
    Or does the code of your application rely on the code_challenge_methods_supported to go forward with the flow?
    Cause the Microsoft.IdentityServer.Web.Protocols.OAuth.OAuthAuthorization namespace has the CodeChallengeMethod enum defined with Plain and S256.

    I'll inquire to see if there are known issues with it.