Thanks for the interesting writeup. One note: you mentioned would follow the new OAuth guidelines, which is great! However, I think you use the code grant type with PKCE and not PKCE alone.
Startups and tech enthusiast. Loves building products that make your life easier. Currently, building Qovery - a platform revolutionizing application deployments in the cloud.
Thanks for the interesting writeup. One note: you mentioned would follow the new OAuth guidelines, which is great! However, I think you use the code grant type with PKCE and not PKCE alone.
You're welcome:) Good catch, you're right. It's the default when you use Auth0's client lib for SPAs.