I was wondering if CA OAuth Toolkit supports RFC 7636 aka PKCE, which is marked as "MUST" in a BCP draft of https://tools.ietf.org/html/draft-ietf-oauth-native-apps-00 . Please let me know the current status of the product.
currently OTK does not support PKCE but it is on our backlog. Unfortunately I cannot provide you with a date.
However, since OTK is build with our policy language it is possible to implement support via a services engagement or by yourself, if you are familiar with the policy language as a workaround.