Pkce.HashedPkceDisabled

Does the server support hashed PKCE

This test determines whether the server supports hashed PKCE.

View source code on GitHub

Documents

This test is part of the following document(s):

• Proof Key for Code Exchange by OAuth Public Clients (RFC7636), section 4.2 (must)
• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 2.1.1 (must)
• Financial-grade API Security Profile (FAPI) 1.0 – Part 1: Baseline (FAPI1Base), section 5.2.2 (must)

Back to the test case overview or the threat overview