by tansan 974 days ago
PKCE should only be necessary if you're using app linking or have some client app in-between. If you completely trust the server then implicit is fine.
1 comment

No. This is wrong. Implicit is deprecated in favor of authorization_code + PKCE.