Property reference

`glide.oauth.pkce.skip_client_secret_validation`

The glide.oauth.pkce.skip_client_secret_validation property determines if OAuth token requests for non-public clients are accepted when the client_secret is missing or incorrect. Admins should review this setting to ensure proper security measures are in place for OAuth authentication.

Default: false Type: boolean Application: Global

Key questions about this property

The answers below summarize the purpose, scope, default effect, and review scenarios for this property.

What does it do?	This property controls the acceptance of OAuth token requests without a valid client_secret for non-public clients when PKCE is used.
What area does it affect?	OAuth authentication
What does the default mean?	The default value is "false", which means this behavior is disabled by default.
When should you review it?	Review this property when configuring OAuth settings or assessing security protocols.

Out of the box property record

Raw metadata from the property record.

Property name	`glide.oauth.pkce.skip_client_secret_validation`
Sys ID	`2c8bc44553003210380830d0a12c5ebb`
Type	boolean
Application	Global
Default value	`false`
Description	Determines whether to reject oauth token requests for non-public clients when the client_secret is missing or incorrect, and PKCE was performed.
Updated	2025-09-15 13:26:09

glide.oauth.pkce.skip_client_secret_validation

Key questions about this property

Out of the box property record

Related properties

`glide.oauth.pkce.skip_client_secret_validation`