Jan 31 2024 08:53 AM - edited Jan 31 2024 08:55 AM
Hi,
We have a web app that used EntraID for OIDC. We use the web browser to loginto the web app , gets redirected to the EntraID authentication page and get authenticated and it works.
We are creating a new mobile app ( iOs ) and want to use the same web app backend. We also want to use the EntraID for OIDC ( just like the browser) . We are using the https://github.com/mobilityhouse/AppAuth-iOS-Without-Pkce library to implement OIDC with EntraID.
The library does not use PKCE ( as is in the name ). We can get the auth_code by making the API call to Microsoft EntraID, but when the backend tries to get the access_token , we get the error :
"The code_verifier does not match the code_challenge supplied in the authorization request for PKCE".