Code Verifier Issues in Authorization Flow with PKCE in ReactNative Expo

I have been trying to implement a very simple authorization flow with PKCE using Expo. However, whenever I send an authorization code grant request, I keep getting a “failed to verify code verifier” issue. To debug, I have been using a hardcoded code verifier and code challenges, so I don’t believe the actual codes are an issue(I have tried many codes generated by different websites).

For reference, I use the useAuthRequest for the initial authentication

const [request, result, promptAsync] = AuthSession.useAuthRequest(
      clientId: auth0ClientId,
      codeChallenge: '4OR_LblKq84iLlVqQg3wLOxV2bx01CN--4XqcIrgxZc',
      codeChallengeMethod: AuthSession.CodeChallengeMethod.S256, //have also tried 'S256'
      responseType: "code",
      usePKCE: true, //have also tried 'true'
      scopes: ["openid"],
      extraParams: {
        // ideally, this will be a random value
        audience: audienceURL,
        //nonce: "nonce",
    { authorizationEndpoint }

Afterwards, I print out the generated code and put it into a postman request, which looks like this:

I have also tried running an axios post request in Node.JS with no success.

As an alternative, I am also willing to try the authorization flow without PKCE. However, the /oauth/token endpoint keeps expecting a code_verifier parameter despite usePKCE being set to false in the authentication request. So I am not sure how to tell auth0 to use pkce or not when making the initial authentication.

Sorry if this is a pointless question, I am rather new to oauth, auth0, and react native.
Any help would be appreciated!

1 Like