This error occurs because the Salesforce Managed Connected App, which is used to integrate Salesforce with Spotfire, has the "Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows" security setting enabled. For the Spotfire web client, this setting conflicts with the expected authentication flow for Salesforce connections.

If you use TIBCO Cloud™ Spotfire, you do not have to make the above changes.

Here are the steps to resolve:

1. Navigate to your Salesforce instance.

2. Locate and edit the Managed Connected App that you have configured for your Spotfire environment.

3. Find the setting titled "Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows."

4. Disable this option.

5. Save the changes to the Managed Connected App.

After disabling this setting, your Spotfire web client will be able to successfully authenticate and connect to Salesforce.

Spotfire web client users attempting to connect to Salesforce may experience an authentication failure, indicated by an error in the URL: https://<spotfire_server>/spotfire/wp/oauth2/code?error=invalid_request&error_description=missing+required+code+challenge This prevents successful data access from Salesforce within the Spotfire web environment.