SN System Properties Reference
Property reference

glide.oauth.pkce.skip_client_secret_validation

The glide.oauth.pkce.skip_client_secret_validation property determines if OAuth token requests for non-public clients are accepted when the client_secret is missing or incorrect. Admins should review this setting to ensure proper security measures are in place for OAuth authentication.

Default: false Type: boolean Application: Global

Key questions about this property

The answers below summarize the purpose, scope, default effect, and review scenarios for this property.

What does it do? This property controls the acceptance of OAuth token requests without a valid client_secret for non-public clients when PKCE is used.
What area does it affect? OAuth authentication
What does the default mean? The default value is "false", which means this behavior is disabled by default.
When should you review it? Review this property when configuring OAuth settings or assessing security protocols.

Out of the box property record

Raw metadata from the property record.

Property name glide.oauth.pkce.skip_client_secret_validation
Sys ID 2c8bc44553003210380830d0a12c5ebb
Type boolean
Application Global
Default value false
Description Determines whether to reject oauth token requests for non-public clients when the client_secret is missing or incorrect, and PKCE was performed.
Updated 2025-09-15 13:26:09

Sources

Official references and nearby text excerpts where this property appears.