diff --git a/src/main/java/com/ysoft/geecon/dto/OAuthClient.java b/src/main/java/com/ysoft/geecon/dto/OAuthClient.java
index c025309..75f58d7 100644
--- a/src/main/java/com/ysoft/geecon/dto/OAuthClient.java
+++ b/src/main/java/com/ysoft/geecon/dto/OAuthClient.java
@@ -1,10 +1,11 @@
 package com.ysoft.geecon.dto;
+import java.util.List;
 import java.util.Objects;
-public record OAuthClient(String clientId, String description, String clientSecret, String redirectUri) {
+public record OAuthClient(String clientId, String description, String clientSecret, List redirectUris) {
 public boolean validateRedirectUri(String redirectUri) {
- return this.redirectUri != null && this.redirectUri.equals(redirectUri);
+ return this.redirectUris != null && this.redirectUris.contains(redirectUri);
 }
 public boolean validateSecret(String clientSecret) {
diff --git a/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java b/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java
index 783d5fa..69b4686 100644
--- a/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java
+++ b/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java
@@ -5,6 +5,7 @@ import com.ysoft.geecon.dto.OAuthClient;
 import jakarta.enterprise.context.ApplicationScoped;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Optional;
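Review bot: In OAuthClient.java, `this.redirectUris.contains(redirectUri)` in validateRedirectUri can throw NullPointerException when the argument is null, because the lists this commit registers in ClientsRepo are built with `List.of(...)`, whose `contains(null)` throws instead of returning false; the removed `equals` call returned false for null. Whether a caller can pass a missing redirect_uri through as null is not visible in this diff, but a guard here keeps that case a clean rejection rather than a server error: `return redirectUri != null && redirectUris != null && redirectUris.contains(redirectUri);`. The record also stores the caller's list reference as-is, so a compact constructor with `redirectUris = redirectUris == null ? List.of() : List.copyOf(redirectUris);` would keep the allow-list from being modified after registration. The whole-string comparison itself is the right matching rule for redirect URIs and should stay.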
@@ -13,11 +14,15 @@ public class ClientsRepo {
 private final Map clients = new HashMap<>();
 public ClientsRepo() {
- register(new OAuthClient("my-public-client", "Example public client", null, "https://localhost:8888/oauth_success"));
- register(new OAuthClient("oauthdebugger", "Example public client", null, "https://oauthdebugger.com/debug"));
+ register(new OAuthClient("my-public-client", "Example public client", null,
+ List.of("https://localhost:8888/oauth_success")));
+ register(new OAuthClient("oauthdebugger", "Example public client", null,
+ List.of("https://oauthdebugger.com/debug")));
- register(new OAuthClient("oauth-playground", "OAuth playground", null, "https://oauth-playground.online/flow/code-2"));
- register(new OAuthClient("oauth-playground-localhost", "OAuth playground", null, "http://localhost:5555/flow/code-2"));
+ register(new OAuthClient("oauth-playground", "OAuth playground", null,
+ List.of("https://oauth-playground.online/flow/code-2", "https://oauth-playground.online/flow/pkce-3")));
+ register(new OAuthClient("oauth-playground-localhost", "OAuth playground", null,
+ List.of("http://localhost:5555/flow/code-2", "http://localhost:5555/flow/pkce-2")));
 }
 public Optional getClient(String clientId) {
diff --git a/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java b/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java
index 0e5d2b9..e7c543d 100644
--- a/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java
+++ b/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java
@@ -25,7 +25,7 @@ import static org.hamcrest.MatcherAssert.assertThat;
 @QuarkusTest public class AuthCodeGrantTest {
- public static final OAuthClient CLIENT = new OAuthClient("myclient", "", null, "https://myserver:8888/success");
+ public static final OAuthClient CLIENT = new OAuthClient("myclient", "", null, List.of("https://myserver:8888/success"));
 @Inject ClientsRepo clientsRepo;
 @Inject
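Review bot: The PKCE callback paths registered for the two playground clients in the ClientsRepo constructor do not line up: `oauth-playground` gets `https://oauth-playground.online/flow/pkce-3`, while `oauth-playground-localhost` gets `http://localhost:5555/flow/pkce-2`, although both share `/flow/code-2` for the code flow. Because validateRedirectUri compares whole strings, a mistyped step number makes that flow fail for one of the clients without any error at registration, so please confirm which value is intended. A short comment above the registrations, such as `// redirect URIs are matched exactly; keep in sync with the playground's flow pages`, would make the dependency explicit. All four clients are public (null secret), so each URI added here is another place an authorization code can be delivered; the lists are best kept to callbacks that are actually in use.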
diff --git a/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java b/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java
index fa4c324..9609908 100644
--- a/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java
+++ b/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java
@@ -36,7 +36,7 @@ public class AuthorizationCodeFlow {
 query = new HashMap<>();
 query.put("client_id", client.clientId());
- query.put("redirect_uri", client.redirectUri());
+ query.put("redirect_uri", client.redirectUris().get(0));
 query.put("state", state);
 }
@@ -79,7 +79,7 @@ public class AuthorizationCodeFlow {
 private Map expectRedirect(Connection.Response response) {
 assertThat(response.statusCode(), is(303));
- assertThat(response.header("location"), startsWith(client.redirectUri()));
+ assertThat(response.header("location"), startsWith(client.redirectUris().get(0)));
 URI location = URI.create(Objects.requireNonNull(response.header("location")));
 Map query = URLEncodedUtils.parse(location.getQuery(), Charset.defaultCharset())
diff --git a/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java b/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java
index 2036ebd..e4f13c5 100644
--- a/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java
+++ b/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java
@@ -26,7 +26,7 @@ public class TokenEndpointCall {
 public TokenEndpointCall authorizationCode(String code, String codeVerifier) {
 tokenForm.put("grant_type", "authorization_code");
- tokenForm.put("redirect_uri", client.redirectUri());
+ tokenForm.put("redirect_uri", client.redirectUris().get(0));
 tokenForm.put("code", code);
 if (codeVerifier != null) {
 tokenForm.put("code_verifier", codeVerifier);
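Review bot: The test helpers hard-code `client.redirectUris().get(0)` in three places: where AuthorizationCodeFlow builds the authorization query, in expectRedirect, and in TokenEndpointCall.authorizationCode. As a result no test can run a flow through a client's second registered URI, or send a token request whose redirect_uri differs from the one used at authorization. That second case matters once a client has several URIs, since RFC 6749 section 4.1.3 expects the token endpoint to require the same redirect_uri the authorization request carried, not just any registered one; whether the server enforces this is not visible in this diff. Consider keeping the chosen URI in a helper field, e.g. `private final String redirectUri;` defaulting to `client.redirectUris().get(0)`, and letting tests override it, plus a negative test asserting that a registered-but-different URI is rejected at the token endpoint. The enclosing methods start and end outside these hunks.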