Popular with:
Cloud Engineer
Cloud Security

What is OAuth with PKCE and How Does it Work?

July 28, 2021
Written by
Abhay Bhargav

What is OAuth with PKCE and How Does it Work? | Way of the Future

In this video, Abhay Bhargav will be taking you through implementing an OAuth with PKCE flow using hands-on labs from an upcoming AppSecEngineer course on OAuth and OIDC.

OAuth and OIDC are perhaps the most important authentication and authorization technologies on the modern web today. You're probably interacting with OAuth and OIDC on a regular basis every day.

However, OAuth and OIDC can be particularly vulnerable to replay attacks. This led to the creation of the Proof Key for Code Exchange (PKCE), a protocol that helps add an additional layer of security on OAuth and OIDC workflows.

Source for article
Abhay Bhargav

Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).

Abhay Bhargav


Contact Support


1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023