You can configure PKCE (Proof Key for Code Exchange) with Keycloak by following the steps below:
Prerequisite
Ensure that your Identity Provider supports the Authorization Code flow with PKCE.
Keycloak Configuration:
- Navigate to your client configuration in Keycloak.
- Set the PKCE Code Challenge Method to SHA-256.
- Save the changes.
Plugin Configuration:
- Go to the Advanced Settings tab in the plugin.
- Enable the PKCE toggle.
- Save the configuration.
Note: Our plugin supports only the SHA256 method for PKCE. Ensure your identity provider is configured accordingly.
