OIDC (quick note)

OIDC allows different authentication flows. When using the authorization_code flow, make sure to also use PKCE.

• Public applications, websites, SPAs, mobile apps: authorization_code + PKCE

See: https://larskoelpin.de/static/d166bc24ef83101ebb663010f319eefc/fcda8/flow.png