Enforcing PKCE globally

About this task

This section explains how to enforce PKCE globally in the local authorization server. When you enforce PKCE at the global level, it applies to all public OAuth 2.0 clients of the local authorization server.

Procedure

  1. Open the menu options and select Administration.
  2. Select Security > JWT/OAuth/OpenID. The Authorization servers section displays a list of available internal and external authorization servers.
  3. In the Internal authorization servers section, click local.
  4. Expand the OAuth configuration section and select the Enforce PKCE checkbox.
  5. Click Update. Once you enforce PKCE, you get an access token only on successful validation of the code verifier.