Proof Key For Code Exchange (PKCE) flow

Table of Contents

About

OAuth 2.0 public clients (ie browser) utilizing the Authorization Code Grant are susceptible to the authorization code interception attack.

Proof Key for Code Exchange by OAuth Public Clients (PKCE) 1) helps mitigate this attack.

  • the app generate a random value at the beginning of the flow called a Code Verifier.
  • the app hashes the code Verifier and the result is called the code challenge.
  • the app sent the code Challenge during the authorization request
  • the app sent the code challenge for each subsequent request.

It ensures that only the client which requested the token can redeem it

PKCE is pronounced “pixy”.

Documentation / Reference

1)
Proof Key for Code Exchange by OAuth Public Clients

Data (State)
Data (State)
DataBase
Data Processing
Data Quality
Data Structure
Data Type
Data Warehouse
Data Visualization
Data Partition
Data Persistence
Data Concurrency

Data Science
Data Analysis
Statistics
Data Science
Linear Algebra Mathematics
Trigonometry

Modeling
Process
Logical Data Modeling
Relational Modeling
Dimensional Modeling
Automata

Data Type
Number
Time
Text
Collection
Relation (Table)
Cube
Tree
Key/Value
Graph
Spatial
Color
Log

Measure Levels
Order
Nominal
Discrete
Distance
Ratio

Code
Compiler
Lexical Parser
Grammar
Function
Testing
Debugging
Shipping
Data Type
Versioning
Design Pattern

Infrastructure
Operating System
Monitoring
Cryptography
Security
File System
Network
Process (Thread)
Computer
Infra As Code

Marketing
Advertising
Analytics
Email

Web
Html
Dom
Http
Url
Css
Javascript
Selector
Browser
Web Services
OAuth

Contact
[email protected]
Privacy Policy
Status

Powered by ComboStrap