Written by

Cofounder at snext

Question Blaise ZARKA · Dec 11, 2019

OAuth2 Code Flow + PKCE

#InterSystems IRIS #Authentication #Access control

Hi,

We need to implement Oauth2 Code Flow + PKCE. Any experience with InterSystems OAuth2 Server on this would be welcome.
What parameters did you setup on OAuth 2 server configuration page to make it work?

Thanks!

Discussion (4)1

Add reply

Comments

Blaise ZARKA · Dec 11, 2019

For those who are interested, here is an good article on the ≠ between implicit flow and code flow with PKCE:
https://christianlydemann.com/implicit-flow-vs-code-flow-with-pkce/

0 0

Eduard Lebedyuk · Dec 11, 2019

Check this series of articles by @Daniel Kutac.

0 0

Blaise ZARKA Dec 11, 2019 to Eduard Lebedyuk

Thanks Eduard. As I understand, these articles address authorization flow for confidential client.
I would need a oauth2 flow compatible with an angular public client and the recommended one for this kind of client is code flow + PKCE.
Anyone experience this kind authorization flow with IRIS as server?

0 0

Don Nagel Apr 13, 2021 to Blaise ZARKA

Hi Blaise,

I understand intersystems will support OAuth code follow with PKCE in 2021.2.

Did you work out a flow?

0 0