Cloud Security

What is OAuth with PKCE and How Does it Work?

February 21, 2022

What is OAuth with PKCE and How Does it Work? | Way of the Future

In this video, Abhay Bhargav will be taking you through implementing an OAuth with PKCE flow using hands-on labs from an upcoming AppSecEngineer course on OAuth and OIDC.

OAuth and OIDC are perhaps the most important authentication and authorization technologies on the modern web today. You're probably interacting with OAuth and OIDC on a regular basis every day.

However, OAuth and OIDC can be particularly vulnerable to replay attacks. This led to the creation of the Proof Key for Code Exchange (PKCE), a protocol that helps add an additional layer of security on OAuth and OIDC workflows.

Abhay Bhargav

Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).