mockpass icon indicating copy to clipboard operation
mockpass copied to clipboard
Published 1 month ago verified publisher icon opengovsg

support PKCE verification

Open randName opened this issue 3 months ago • 1 comments

I was looking at the draft FAPI 2.0 specs and it mentions that PKCE will be enforced

I was also looking at an existing OIDC provider library and wondering if we should just leverage on that instead, since Singpass seems mostly spec compliant now and is moving towards that anyway

randName avatar Sep 11 '25 01:09 randName

Looking at that draft, there are a bunch of other breaking changes (PAR, DPoP, ID token format change, userinfo response format change, ...) bundled together in this revision. I think we should consider treating this a major API version bump and implement it as a new endpoint, instead of modifying the current endpoint piecemeal.

cflee avatar Sep 15 '25 03:09 cflee