Number of active (non-expired) PKCE entries. Useful for observability / health checks.
Remove the verifier for state (one-time-use enforcement).
Retrieve the verifier for state.
Returns undefined if the entry doesn't exist or has expired.
Store a PKCE verifier for state, expiring after ttlMs milliseconds.
Evicts any previously-expired entries before storing.
In-memory PkceStore implementation.
Stores PKCE verifiers in a
Mapkeyed by OAuth state token, with TTL-based eviction. This is the default behavior of SCAuthManager when no custompkceStoreis provided.Suitable for: Single-instance Node.js servers with long-lived processes.
Not suitable for: Serverless (Vercel, AWS Lambda), edge runtimes, or any deployment with multiple server instances — verifiers are not shared across processes. Use CookiePkceStore or a Redis adapter instead.
Example