AWS IAM Identity Center adds PKCE-based authorization for AWS applications

AWS IAM Identity Center now supports OAuth 2.0 authorization code flows using the Proof Key for Code Exchange (PKCE) standard. This provides AWS applications, such as Amazon Q Developer Pro, a simple and safe way to authenticate users and obtain their consent to access AWS resources from desktops and mobile devices with web browsers. IAM Identity Center is the recommended service for managing workforce access to AWS applications and multiple AWS accounts. It can be used with an existing identity source or by creating a new directory. It provides your workforce access to your selected AWS managed applications, and a scalable option for you to manage access to AWS accounts. AWS IAM Identity Center is available at no additional cost in [AWS Regions](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/). Learn more about session duration [here](https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html#user-session-duration-prereqs-considerations).