PKCE OAuth Extension is in GA 🚀

Hey everyone! We just released PKCE in GA. PKCE is an OAuth extension that enables Mobile, Desktop, and Single-Page applications to securely complete the OAuth flow without having to store a client_secret in the application, but rather enabling a code_challenge and code_verifier to ensure only the originator of the flow has the keys.

This is a secure way of authorizing access while also supporting you to build an application without a back-end server.

To build an app with the PKCE OAuth extension, include the code_challenge parameter in the Authorize request.

Check out the docs to get started.