AWS amazonq medium security documentation change
Summary
Added explicit note that PKCE (Proof Key for Code Exchange) is not supported and must be disabled for Salesforce OAuth 2.0 authentication.
Security assessment
PKCE is a security enhancement for OAuth 2.0. Explicitly disabling it introduces a security consideration for authentication flows. This documents a security-related configuration limitation.
Diff
diff --git a/amazonq/latest/qbusiness-ug/salesforce-overview.md b/amazonq/latest/qbusiness-ug/salesforce-overview.md index d6bfcf7d5..8743f34f3 100644 --- a//amazonq/latest/qbusiness-ug/salesforce-overview.md +++ b//amazonq/latest/qbusiness-ug/salesforce-overview.md @@ -11 +11 @@ Category | Feature | Support -**Security** | **Authentication type** | OAuth 2.0 with Resource Owner Password Flow +**Security** | **Authentication type** | OAuth 2.0 with Resource Owner Password Flow Note that Require Proof Key for Code Exchange (PKCE) is not supported and must be disabled.