x-usePkce

Compatibility warning

This specification extension is supported only in Reference docs, but not in Redoc Community Edition.

Usage

Use x-usePkce to enable Proof Key for Code Exchange (PKCE) for the Oauth2 authorization code flow in the Try it console.

Add it directly to the authorizationCode flow object.

When specified, the Try it console will send both code_challenge and code_verifier to the authorization and token endpoints.

Note that the console must be enabled in the Reference docs configuration for these values to be visible.

Field Name Type Description
x-usePkce boolean Enables PKCE in the console

Examples

Copy
Copied
openapi: '3.0.0'
info:
  ...
tags: [...]
components:
  securitySchemes:
    oauth2_auth:
      type: "oauth2"
      flows:
        authorizationCode:
          x-usePkce: true,
          authorizationUrl: "https://example.com/authorize",
          tokenUrl: "https://example.com/token",
          scopes: {
            api: "Grants complete read/write access to the API"