How do I enforce PKCE globally?
This use case explains how to enforce PKCE globally in the local authorization server. When you enforce PKCE at the global level, it applies to all public OAuth 2.0 clients of the local authorization server.
This use case starts when you want to enable the PKCE workflow and ends when you get the access token on successful validation.
To enforce PKCE at the global level
1. Expand the menu icon, in the title bar, and select Administration.
2. Select Security > JWT/OAuth/OpenID.
The Authorization servers section displays a list of available internal and external authorization servers.
3. In the Internal authorization servers section, click local.
4. Expand the OAuth configuration section and select the Enforce PKCE checkbox.
5. Click the Update button.
Once you enforce PKCE, you get an access token only on successful validation of the code verifier.