This client must include a code_challenge when performing the authorize code flow, but it is missing
Hey! I'm using the NextJS App Router v2 integration with the example Dashboard application from Next.
When logging in using Google or Microsoft I get the following error:
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. This client must include a code_challenge when performing the authorize code flow, but it is missing."}
I noticed on my client details on kinde.com that Client Secret is listed as (N/A), and as such I have not added any client secret.
Any guidance?2 Replies
The routing code will be executed on the backend so you will need to use a back-end web application setup with a secret. I ran into a similar issue when I started using kinde with nuxt.
Hi there! Daniel is exactly right, you will have to create a back-end web app to get the secret for the NextJS SDK.