Genesys Cloud - Developer Community!

loginPKCEGrant() works with existing Implicit Grant OAuth client. Expected migration behavior?

  • 1.  loginPKCEGrant() works with existing Implicit Grant OAuth client. Expected migration behavior?

    Posted 9 hours ago

    Hi,

    We are currently migrating our browser application from loginImplicitGrant() to loginPKCEGrant() because of the announced deprecation of the Implicit Grant flow.

    What surprised us is that loginPKCEGrant() appears to work successfully against an existing OAuth client that is still configured as an Implicit Grant client in Genesys Cloud.

    Scenario:

    • Existing OAuth client created years ago

    • OAuth client still configured with Token Implicit Grant

    • Frontend code updated to use:

    client.loginPKCEGrant(clientId, redirectUri)
    
    • Authentication succeeds

    • Access token is returned successfully

    This actually creates a very useful migration path for us:

    1. Upgrade customer environments to PKCE-compatible application code first

    2. Leave existing OAuth clients untouched temporarily

    3. Ask customers to update the OAuth client configuration later

    4. Avoid downtime or coordinated releases

    Question:

    Is this officially supported/expected behavior during the migration period, or are we relying on permissive legacy behavior that could stop working unexpectedly before the final Implicit Grant removal date?

    In other words:
    Can existing Implicit Grant OAuth clients safely continue to authenticate through PKCE during the transition period?

    Thanks.


    #PlatformSDK

    ------------------------------
    Peter Vledder
    Solution Consultant
    ------------------------------


  • 2.  RE: loginPKCEGrant() works with existing Implicit Grant OAuth client. Expected migration behavior?

    Posted 4 hours ago

    Hello,

    I just checked internally (with Auth engineering) and they confirmed it is the intended behavior - for the exact same reason you described - to ease/facilitate the migration of existing OAuth clients.

    Regards,



    ------------------------------
    Jerome Saint-Marc
    Senior Development Support Engineer
    ------------------------------