diff options
Diffstat (limited to 'doc/api/oauth2.md')
-rw-r--r-- | doc/api/oauth2.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index 59a929e30f4..7b38ac39b96 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -2,7 +2,7 @@ type: reference, howto stage: Manage group: Authentication and Authorization -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # OAuth 2.0 identity provider API **(FREE)** @@ -79,7 +79,7 @@ The Authorization code with PKCE flow, PKCE for short, makes it possible to secu the OAuth exchange of client credentials for access tokens on public clients without requiring access to the _Client Secret_ at all. This makes the PKCE flow advantageous for single page JavaScript applications or other client side apps where keeping secrets -from the user is a technical impossibility. +from the user is a technical impossibility. Before starting the flow, generate the `STATE`, the `CODE_VERIFIER` and the `CODE_CHALLENGE`. |