Skip to content
This repository has been archived by the owner on Dec 30, 2022. It is now read-only.

Update Auth flow to PKCE when available #13

Open
erikdstock opened this issue Oct 13, 2019 · 0 comments
Open

Update Auth flow to PKCE when available #13

erikdstock opened this issue Oct 13, 2019 · 0 comments
Labels
help wanted Extra attention is needed

Comments

@erikdstock
Copy link
Owner

https://auth0.com/blog/oauth2-implicit-grant-and-spa/

From the gatsby+auth0 tutorial blog:

Note: This tutorial uses the traditional implicit grant flow. The OAuth2 working group published a new general security best current practices document which recommends the authorization code grant with Proof Key for Code Exchange (PKCE) to request access tokens from SPAs. The Auth0 JS SDK will soon support this flow for SPAs and we'll update the article at that time. You can read more about these changes in this article by Auth0 Principal Architect Vittorio Bertocci.
@erikdstock erikdstock added the help wanted Extra attention is needed label Oct 13, 2019
@erikdstock erikdstock changed the title Update Auth flow when available Oct 13, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
help wanted Extra attention is needed
1 participant
@erikdstock