We request that Aha! enhance their security posture as it relates to authentication and follow industry recommendations: https://oauth.net/2/pkce/ “PKCE is not a replacement for a client secret, and PKCE is recommended even if a client is using a ...