🚀 Feature: Enable PKCE by default #47

New Issue

Closed

opened 2025-10-06 23:59:17 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2025-10-06 23:59:17 +03:00

Owner

Copy Link

Originally created by @vanillajonathan on GitHub.

Feature description

When creating a new client the PKCE option should be enabled by default.

Pitch

To follow best practices, avoid misconfiguration, and to be secure by default.

Originally created by @vanillajonathan on GitHub. ### Feature description When creating a new client the PKCE option should be enabled by default. ### Pitch To follow best practices, avoid misconfiguration, and to be secure by default.

OVERLORD closed this issue 2025-10-06 23:59:18 +03:00

OVERLORD commented 2025-10-06 23:59:20 +03:00

Author

Owner

Copy Link

@vanillajonathan commented on GitHub:

Similarly many OIDC clients enable PKCE by default.

c821481c64/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectOptions.cs (L339)

@vanillajonathan commented on GitHub: Similarly many OIDC clients enable PKCE by default. https://github.com/dotnet/aspnetcore/blob/c821481c641a08274e8bf9743eed10d1475d2c6b/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectOptions.cs#L339

OVERLORD commented 2025-10-06 23:59:22 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

Many OIDC clients don’t support PKCE. If we make PKCE the default, users who aren’t familiar with it may run into configuration problems and find that their clients don’t work. Since enabling PKCE is just a single click, it may be better to leave it as an optional setting.

@stonith404 commented on GitHub: Many OIDC clients don’t support PKCE. If we make PKCE the default, users who aren’t familiar with it may run into configuration problems and find that their clients don’t work. Since enabling PKCE is just a single click, it may be better to leave it as an optional setting.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

i18n_crowdin

breaking/v2

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id#47