caddy-security icon indicating copy to clipboard operation
caddy-security copied to clipboard
verified publisher icon greenpau

feature: PKCE challange

Open Nebdir opened this issue 1 year ago • 2 comments

A clear and concise description of what you want the system to do.

Within the OAuth2 authorization flow it would be great to support the PKCE challange, as it improves the security. I was noticing this because Kanidm enforces this by default.

What are the Caddyfile directives that need to be added.

Add Caddyfile directive:

{
  security {
    oauth identity provider generic {
      use_pkce true|false
    }
  }
}

Nebdir avatar Apr 15 '24 12:04 Nebdir

this would be very helpful and more secure

jcstryker avatar May 15 '25 02:05 jcstryker

this would be very helpful and more secure

@jcstryker , want to challenge yourself and implement it?

greenpau avatar May 16 '25 18:05 greenpau