I am having a hard time finding the reference documentation on the parameters expected for each of the endpoints. Specifically, do I send the audience parameter to the /oauth/token endpoint? Since this endpoint is accepting my code_verifier, I assume it already knows what my audience is.
The docs exist as part of an example, which is hard to locate:
https://auth0.com/docs/flows/guides/auth-code-pkce/call-api-auth-code-pkce#request-tokens
Thank you.
Hi @klahnakoski,
I’m realizing I didn’t answer this in your other topic. Sorry about that, and thanks for opening another topic.
It depends on the flow, specifically a client credentials vs implicit or auth code (or the /oauth/token endpoint vs /authorize endpoint). Please see the doc below for the example requests and params for each endpoint.
https://auth0.com/docs/api/authentication#authorize-application
It should be sent when you are initiating the flow.
Hope this helps!
Thanks,
Dan
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.