https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-00
https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-third-party-cookies-spas
I am working on an implementation in the @microsoftgraph/msgraph-sdk-javascript, which uses the @azure/identity TokenCredential feature. An example use case is that a user must be able to pass an authorizationCodeCredential for a browser app or a clientSecretCredential for a node app, basically any credential object as per the user's requirement, to the Graph JS client and authenticate to the Graph API.
It would be convenient if we can skip using another package just to support AuthCode flow with PKCE.
Thank you for the feature request.
We currently have this on our backlog of features to implement. We don't yet have a timeline for when it will be implemented, but once we do we'll add more information to this issue.
@thewahome and @bettirosengugi for visibility. Let's make sure that we state here in the case that we verify that SPA cannot use implicit auth with conditional access policy, and SPA must use authorization code flow + PKCE for conditional access. It may help in the prioritization of this work as it has the potential to affect many tenants + SPA scenarios.
@MIchaelMainer I'm working on adding support for this feature. We'll be releasing an update in early February.
@nikithauc , @MIchaelMainer , @thewahome , @bettirosengugi
Hello everyone! Sorry for closing this issue. I've got good news! We've released Identity 1.2.4-beta.1 with PKCE support: https://www.npmjs.com/package/@azure/identity/v/1.2.4-beta.1
We'll be back on Tuesday, but at any point moving forward, please try this updated version! You won't need to change your code or your AAD applications, simply plug in the InteractiveBrowserCredential and it should work.
We have a small new documentation file that aims to help anyone to use the InteractiveBrowserCredential: https://github.com/Azure/azure-sdk-for-js/blob/master/sdk/identity/identity/interactive-browser-credential.md
If anything unexpected occurs, please let me know! You can reply to this issue or make a new one, I will reply back in any case, as soon as I am available (but I try to update any incoming issues at least twice a day).
@sadasant This is great news! Thank you for letting us know :)
@sadasant Using the interactive browser credential, how would we manage the token lifetimes, access to the token, renewal and refreshing capabilities?