Last updated

x-usePkce

Compatibility warning

This specification extension is supported only in Reference docs, but not in Redoc Community Edition.

Usage

Use x-usePkce to enable Proof Key for Code Exchange (PKCE) for the Oauth2 authorization code flow in the Try it console.

Add it directly to the authorizationCode flow object.

When specified, the Try it console sends both code_challenge and code_verifier to the authorization and token endpoints.

Note that the console must be enabled in the Reference docs configuration for these values to be visible.

Field NameTypeDescription
x-usePkceboolean OR objectEnables PKCE in the console

Examples

openapi: '3.0.0'
info:
  ...
tags: [...]
components:
  securitySchemes:
    oauth2_auth:
      type: "oauth2"
      flows:
        authorizationCode:
          x-usePkce: true
          authorizationUrl: "https://example.com/authorize"
          tokenUrl: "https://example.com/token"
          scopes: {
            api: "Grants complete read/write access to the API"