0D51Y000088SNhuSAGOkta Classic EngineIntegrationsAnswered2024-03-25T23:15:35.000Z2020-03-30T13:43:34.000Z2021-03-30T00:28:08.000Z

AmolP.54510 (Customer) asked a question.

Edited March 30, 2020 at 1:47 PM
Which method is recommended to use OKTA for mobile application ? OIDC OR Oauth + PKCE ?

I have gone through the Android sample project https://github.com/okta/okta-oidc-android

and below are my observations and qestions.

 

My Observations

  1. The sample project in the GitHub repository does no have a PKCE + OIDC implementation.I mean there is not code for PKCE code verifier and challenger.
  2. The PKCE + OAuth approach used in the sample project is stated to be deprecated (https://github.com/okta/okta-sdk-appauth-android ). The exact statement on the GitHub repository is as follows

This library will be archived on 3/20/2020 and is no longer in development. Please use the OIDC SDK instead.

 

Questions

  1. Does OIDC SDK uses PKCE implicitly or we need to add PKCE extension ?
  2. Can you point us to sample resources which uses the OIDC SDK with PKCE extension for Android and iOS ?

 

Thanks

 

  • 1 answer
  • 642 views

  • 4gmlx (4gmlx)

    Sadly I can't answer your question, I would like to see some official statements around these points from Okta too.

This question is closed.

Recommended content

No recommended content found...