The PKCE `code_verifier` does not match the stored code challenge.

Hello,

I keep getting this error: “The PKCE code_verifier does not match the stored code challenge.” I have verified everything I can think of:

I create the code_verifier at 50 chars long, using only alpha chars “wbndtbnxganbquvwvfgjqzwghhkcddeefvhmhrupyywcvgadde”

Then hash it with SHA-256 encoding, and then base64URLEncode the hash to create the code challenge, resulting in the string

MkM5QjEyREY0NThGNzIwMDcwOTczQjgyQUY1M0U5Mzc5MUQwQzk5QUZBQzMwQkZFMEVGNUYzOUM2N0IzNTQwNw

Then send it to Asana:

 https://app.asana.com/-/oauth_authorize?scope=default&client_id=1204141759431930&state=60000&access_type=offline&response_type=code
	          &code_challenge_method=S256
	          &code_challenge=MkM5QjEyREY0NThGNzIwMDcwOTczQjgyQUY1M0U5Mzc5MUQwQzk5QUZBQzMwQkZFMEVGNUYzOUM2N0IzNTQwNw
	          &redirect_uri=https://www.myurl.com/auth.lf

Then when we get the response, and post the plain text code verifier string to https://app.asana.com/-/oauth_token, the result is the error:

{ "error": "invalid_grant", "error_uri": "https:\u002F\u002Fasana.com\u002Fdevelopers\u002Fdocumentation\u002Fgetting-started\u002Fauthentication", "error_description": "The PKCE `code_verifier` does not match the stored code challenge." }

Anybody know why this might be?

I just removed the code verifier completely and the request worked?? That's weird…


I have the same problem, and removing the code verifier worked for me too. Thank you for sharing it.
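Added example, not part of the original thread and not Asana's code: a Python check of the S256 derivation from RFC 7636, where the challenge is the base64url encoding of the raw 32-byte SHA-256 digest and is always 43 characters. The challenge posted above is 86 characters and decodes to 64 ASCII hex characters, which is the shape produced when the hex text of the digest is encoded instead of its bytes; the helper names here are hypothetical.

```python
import base64
import hashlib
import hmac
import string

# Values copied from the first post in the thread.
PAGE_VERIFIER = "wbndtbnxganbquvwvfgjqzwghhkcddeefvhmhrupyywcvgadde"
PAGE_CHALLENGE = ("MkM5QjEyREY0NThGNzIwMDcwOTczQjgyQUY1M0U5Mzc5MUQwQzk5"
                  "QUZBQzMwQkZFMEVGNUYzOUM2N0IzNTQwNw")

def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def s256_challenge(verifier: str) -> str:
    """Correct S256: encode the raw digest bytes, not their hex text."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def hex_then_b64_challenge(verifier: str) -> str:
    """Common mistake: base64url of the uppercase hex string of the digest."""
    hex_text = hashlib.sha256(verifier.encode("ascii")).hexdigest().upper()
    return b64url(hex_text.encode("ascii"))

def server_check(verifier: str, stored_challenge: str) -> bool:
    """What the token endpoint does: recompute and compare in constant time."""
    return hmac.compare_digest(s256_challenge(verifier), stored_challenge)

def diagnose(challenge: str) -> str:
    """Classify a challenge by shape before sending it to the server."""
    try:
        raw = base64.urlsafe_b64decode(challenge + "=" * (-len(challenge) % 4))
    except ValueError:
        return "not-base64url"
    if len(challenge) == 43 and len(raw) == 32:
        return "ok-shape"
    if len(raw) == 64 and all(chr(b) in string.hexdigits for b in raw):
        return "hex-digest"
    return "unexpected-length"

if __name__ == "__main__":
    print("posted challenge:   ", diagnose(PAGE_CHALLENGE))
    good = s256_challenge(PAGE_VERIFIER)
    print("recomputed (S256):  ", good, diagnose(good))
    print("server accepts posted challenge:", server_check(PAGE_VERIFIER, PAGE_CHALLENGE))
```
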