OAuth 2.0 with PKCE

Hi All,

I’m trying to get the Authorization code flow with PKCE in Postman. It seems that the Client secret is still required to get the access token. What’s the reason for this and how can I get it to work without the client secret?

Hi @damith.ev :wave:

I could repro the issue you are having with this public collection. Also some other people are asking the same question here.

Looking at PagerDuty instructions, it does not seem to requre secret (that’s what PKCE is meant to be).
So I have no idea why we need to include client secret in Postman.

I would encourage you to file an issue in our GitHub repo - Our engineering team actively maintains our Github repo and the most up-to-date information will be posted there.

Thanks for flagging this again! Please let us know if you have any further questions :slightly_smiling_face:

thanks a lot :slightly_smiling_face:

I’ve submitted an issue in github repo