I’m currently developing an application that has the following requirements:
SPA + backend API
Needs custom login screen ( embedded login )
I also want to use refresh tokens so the UX experience is seamless. I’ve been looking at the different authentication flow and I think I need to use Authorization Code Flow with PKCE? but I’m not entirely sure.