Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support to pkce_required property for OIDC app integrations #1241

Closed
martinstuga opened this issue Aug 8, 2022 · 5 comments
Closed

Add support to pkce_required property for OIDC app integrations #1241

martinstuga opened this issue Aug 8, 2022 · 5 comments
Labels
enhancement Asking for new behavior or feature okta-sdk-golang Issue is related to upstream okta-sdk-golang quick-fix Do this work is a quick fix triaged Triaged into internal Jira

Comments

@martinstuga
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

There is a new property available in OAuth Application: https://developer.okta.com/docs/release-notes/2022-okta-identity-engine/#monthly-release-2022-08-0

PKCE validation for OIDC app integrations is GA in Preview

You can now require Proof Key for Code Exchange (PKCE) as an additional verification for any OpenID Connect app integration except service apps. This more closely aligns with the OAuth Security Best Current Practice recommendation to use PKCE with the authorization code flow regardless of the client type. Use the pkce_required property with the Apps API to require PKCE for your app.

It would be good to support this new property in this module.

New or Affected Resource(s)

  • okta_app_oauth

References

https://developer.okta.com/docs/release-notes/2022-okta-identity-engine/#monthly-release-2022-08-0

  • #0000
@martinstuga martinstuga added the enhancement Asking for new behavior or feature label Aug 8, 2022
@monde monde self-assigned this Aug 8, 2022
@monde
Copy link
Collaborator

monde commented Aug 8, 2022

Thanks @martinstuga . I see pkce_required listed in the public API documentation https://developer.okta.com/docs/reference/api/apps/#oauth-credential-object . We'll need to get that surfaced in okta-sdk-golang .

@monde monde added okta-sdk-golang Issue is related to upstream okta-sdk-golang quick-fix Do this work is a quick fix labels Aug 8, 2022
@monde
Copy link
Collaborator

monde commented Aug 8, 2022

This will be a quick fix once the property is accessible via okta-sdk-golan

@monde
Copy link
Collaborator

monde commented Aug 15, 2022
edited
Loading

Okta internal reference: https://oktainc.atlassian.net/browse/OKTA-524201

@monde monde added the triaged Triaged into internal Jira label Aug 15, 2022
@monde monde removed their assignment Aug 15, 2022
@faganihajizada
Copy link

Hi 👋🏻 Is there any update on this?
cc @monde

@monde
Copy link
Collaborator

monde commented Sep 13, 2022

@faganihajizada I'll looking to have this addressed in the v3.36.0 release I'm currently preparing for later today or tomorrow.

@monde monde closed this as completed in ba4beb2 Sep 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Asking for new behavior or feature okta-sdk-golang Issue is related to upstream okta-sdk-golang quick-fix Do this work is a quick fix triaged Triaged into internal Jira
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@monde @martinstuga @faganihajizada