Dataverse OpenID connect / OAuth2 with PKCE

[Jakob Molander]

Is it possible to configure Dataverse OpenID Connect (OIDC) provider to use Authorization Code Flow with Proof Key for Code Exchange (PKCE) such that it appends “code_challenge” and “code_challenge_method” (either S256 or plain) parameters to the login request?

 

I am trying to connect our Dataverse instance with our specific Microsoft Azure AD tenant and get the following error from the Microsoft Azure AD after login but before returning to Dataverse:

 

AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption

 

It might be because I have a cluster of three instances of Dataverse running behind a Load Balancer.

Thank you in advance.

[danny...@g.harvard.edu]

Hi Jakob, thanks for opening https://github.com/IQSS/dataverse/issues/8349 !