API Gateway 10.11 | Using API Gateway | Usage Scenarios | Securing Access Token Calls with PKCE | How do I enforce PKCE globally?
 
How do I enforce PKCE globally?
This section explains how to enforce PKCE globally in the local authorization server. When you enforce PKCE at global level, then it is applied for all the public OAuth2.0 clients of local authorization server.
*To enforce the PKCE at global level
1. Expand the menu icon, in the title bar, and select Administration.
2. Select Security > JWT/OAuth/OpenID.
The Authorization servers section displays a list of available internal and external authorization servers.
3. In the Internal authorization servers section, click local .
4. Expand the OAuth configuration section, select the Enforce PKCE checkbox.
5. Click the Update button.
Once you enforce PKCE, you get access token only on successful validation of code verifier.