[Openid-specs-ab] Best practices for native+server client
Torsten Lodderstedt
torsten at lodderstedt.net
Mon Jul 22 14:10:43 UTC 2019
> On 20. Jul 2019, at 21:03, Nat Sakimura via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
>
> An app sending a PKCE request and getting back the code that is being sent to the server with the code verifier that are used by the server component to obtain ID Token feels a bit better.
I agree.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3923 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190722/57e1449e/attachment.p7s>
More information about the Openid-specs-ab
mailing list