4

I am learning OAuth 2.0 and am using Keycloak as the authorization server. Whenever I send the following request:

http://localhost:7070/auth/realms/developer/protocol/openid-connect/auth?client_id=tcs&response_type=code&scope=openid profile&redirect_uri=http://localhost:8080/callback&state=zxczczxc232

I get the error given below:

http://localhost:8080/callback?error=invalid_request&error_description=Missing+parameter%3A+code_challenge_method&state=zxczczxc232
utkarsh sharma

2 Answers

12

Keycloak has PKCE enabled, and because of that, you as a client must send a code_challenge as part of the initial authentication request.

What you need to do is to:

  1. Generate a random value (code_verifier)
  2. Calculate the hash of that value (code_challenge)
  3. Send the code_challenge in your initial auth request
  4. Send the code_verifier when you later ask for the tokens

Like this picture shows below:

enter image description here

Tore Nestenius
  • How to disable PKCE? – utkarsh sharma Dec 13 '21 at 10:18
  • To disable PKCE, see the documentation here: https://www.keycloak.org/docs/latest/server_admin/#advanced-settings But today you should learn and use PKCE, as it is best practice to use... and it's not that complicated. – Tore Nestenius Dec 13 '21 at 10:21
  • This is actually a good answer. This is extremely easy to set up and you shouldn't disable PKCE. It's just sending a hashed secret over to verify the returned handshake. – Matt Lo Aug 15 '22 at 15:59
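
The four steps from the answer above, as an added example that is not part of the original post or of Keycloak's code. It uses the S256 method defined in RFC 7636 and the endpoint, client_id and redirect_uri from the question; the function names are hypothetical, and `server_accepts` only models the comparison the authorization server performs at the token request.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode

# Endpoint and client values are the ones from the request in the question.
AUTH_ENDPOINT = "http://localhost:7070/auth/realms/developer/protocol/openid-connect/auth"


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def new_code_verifier() -> str:
    """Step 1: 32 random bytes give a 43-character verifier (43-128 allowed)."""
    return b64url(secrets.token_bytes(32))


def code_challenge_s256(verifier: str) -> str:
    """Step 2: code_challenge = BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def build_auth_url(verifier: str, state: str) -> str:
    """Step 3: the question's request plus the two PKCE parameters."""
    params = {
        "client_id": "tcs",
        "response_type": "code",
        "scope": "openid profile",
        "redirect_uri": "http://localhost:8080/callback",
        "state": state,
        "code_challenge": code_challenge_s256(verifier),
        "code_challenge_method": "S256",
    }
    return AUTH_ENDPOINT + "?" + urlencode(params)


def server_accepts(verifier: str, stored_challenge: str) -> bool:
    """Step 4, server side: recompute the challenge from the code_verifier."""
    return hmac.compare_digest(code_challenge_s256(verifier), stored_challenge)


if __name__ == "__main__":
    v = new_code_verifier()
    print(build_auth_url(v, secrets.token_urlsafe(16)))
    # Keep v in the session and send it as code_verifier with the token request.
```

Generate a fresh verifier for every authorization request and never put the verifier itself in the browser redirect; only the challenge travels in the URL.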
1

I encountered the same problem, and my solution is as follows. Steps to fix: Clients task -> Choose your client -> Advanced Settings -> Go to the selection box "Proof Key for Code Exchange Code Challenge Method" -> Make it empty (do not select anything). Then you don't need to provide the code_challenge_method parameter.
