To change the Delegated Admin application's default OpenID Connect (OIDC) grant type, use the PingFederate administrative console and the Delegated Admin config.js file.
For more information, see OAuth Grant Types.
The following example changes the default OIDC grant type from Implicit to Authorization Code with Require Proof Key for Code Exchange (PKCE).
- In the PingFederate administrative console, go to .
- From the Clients list, select the dadmin client.
In the Allowed Grant Types section:
- Select the Authorization Code check box.
- Clear the Implicit check box.
- Select the Require Proof Key for Code Exchange (PKCE) check box.
- Click Save.
From your <server-root>
directory, open the Delegated Admin
application's config.js file and set the
/* * Indicates if this app should authenticate using the 'Authorization Code with PKCE' OAuth grant. * If true, the 'Authorization Code with PKCE grant will be used. If false, the 'Implicit' grant * will be used. * DEFAULT: window.AUTHENTICATE_WITH_PKCE = true; */ window.AUTHENTICATE_WITH_PKCE = true;Note:
If you don't already have the
AUTHENTICATE_WITH_PKCEvariable in your config.js file, you must add it.