Hi Aaron, quick question regarding OAuth flows. In the developer track at the London Okta forum, it seemed that a web SPA should use Auth Code with PKCE (and generally avoid using implicit flow)? However the Okta documentation seem to suggest otherwise? Not sure how to proceed?
1
2
Replying to @will_hawker
The docs and libraries are still in the process of being updated, but you can find some sample code here: developer.okta.com/blog/2019…

Jul 22, 2019 · 12:08 AM UTC

1
1
Replying to @aaronpk
Ahhhh fair enough. Thanks for clarifying!