In the IdentityServer world, the authorization code flow with PKCE now replaces OpenID Connect's (OIDC) hybrid flow as our most secure authorization method; however, not all client libraries, or even OpenID Providers, support PKCE yet. An alternative approach that gives a comparatively high level of assurance is to use the OIDC hybrid flow in combination with encrypted identity tokens via JSON Web Encryption (JWE).

Bharat Dwarkani shared on Sep 15, 2019
scottbrady91.com