What is OAuth with PKCE and How Does it Work? | Way of the Future
In this video, Abhay Bhargav will be taking you through implementing an OAuth with PKCE flow using hands-on labs from an upcoming AppSecEngineer course on OAuth and OIDC.
OAuth and OIDC are perhaps the most important authentication and authorization technologies on the modern web today. You're probably interacting with OAuth and OIDC on a regular basis every day.
However, OAuth and OIDC can be particularly vulnerable to replay attacks. This led to the creation of the Proof Key for Code Exchange (PKCE), a protocol that helps add an additional layer of security on OAuth and OIDC workflows.