You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Your own recommended way to use ZITADEL is "PKCE", which needs to be configured as such (example):
exportconstauthOptions: NextAuthOptions={providers: [{id: 'zitadel',name: 'zitadel',type: 'oauth',version: '2',wellKnown: process.env.ZITADEL_ISSUER,authorization: {params: {scope: 'openid email profile',},},idToken: true,checks: ['pkce','state'],<<<THISallowsPKCEclient: {token_endpoint_auth_method: 'none',<<<THISallowsPKCE},// profile method and other stuffclientId: process.env.ZITADEL_CLIENT_ID,// the type REQUIRES "clientSecret". but while using PKCE, there is none.},],// other configsecret: process.env.NEXTAUTH_SECRET,};exportdefaultNextAuth(authOptions);
I'd encourage you to update the ZITADEL provider in NEXT since you promote PKCE as the standard to use.
The text was updated successfully, but these errors were encountered:
The type in the ZITADEL Provider (options) is wrong. The thing about the underlying openidconfiguration type (https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/zitadel.ts#L28) is that you cannot use PKCE without using "any" to type your options.
Your own recommended way to use ZITADEL is "PKCE", which needs to be configured as such (example):
I'd encourage you to update the ZITADEL provider in NEXT since you promote PKCE as the standard to use.
The text was updated successfully, but these errors were encountered: