How to make a PKCE connection in custom node

Describe the problem/error/question

Hello, I noticed you added PKCE support for custom connections:

I am developing a custom app and I would need to add a PKCE flow for authentication.

It is the same app as in this original post:

I updated my n8n version to 1.0.5. How exactly should I configure my credentials.ts in order to work with PKCE?

Thank you!

Information on your n8n setup

  • n8n version: 1.0.5
  • Running n8n via (Docker, npm, n8n cloud, desktop app): npm
  • Operating system: MAC

Hey @alexnemes,

Check out the Twitter Oauth2 credentials which use pkce :slight_smile: it should be a good example on how to use pkce.


Hi @Jon I tried to copy the setup to my custom node’s credentials, so I added this part:

			displayName: 'Grant Type',
			name: 'grantType',
			type: 'hidden',
			default: 'pkce',
			displayName: 'Auth URI Query Parameters',
			name: 'authQueryParameters',
			type: 'string',
			default: 'response_mode=query&response_type=code+id_token',
				'For some services additional query parameters have to be set which can be defined here. Example: access_type=offline'

I receive the following error when I try the connection:

Received following query parameters: {"error":"unauthorized_client","error_description":"Client is not configured to support given response_type","state":"eyJ0b2tlbiI6InVGbEVISndFLWFWYUtQWVhSWGNJbDN1amo0ZEFuQlZ0dEV5ayIsImNpZCI6Ijg4NVJLRFVFUk9UdVA4enIifQ=="}

I noticed the response_type set by n8n in query parameters is response_type=code but the service accepts response_type=code+id_token only.

Is it possible to somehow rewrite that response_type to “code+id_token”? Tried to include it in authQueryParameters but seems to have no effect.

Thank you!

Hey @alexnemes,

That is not something we support that I am aware of so you may need to get more creative. What service are you trying to interact with and do you happen to know if code+id_token is part of the pkce spec if it is we can get that added.