7 Matching Annotations
  1. Nov 2022
  2. www.taniarascia.com www.taniarascia.com
    Using OAuth with PKCE Authorization Flow (Proof Key for Code Exchange)
    1
    1. TylerRick 21 Nov 2022
      OAuth: grant types: Authorization Code Flow with PKCE good tutorial
    Visit annotations in context

    Tags

    Annotators

    URL

    taniarascia.com/oauth-pkce-authorization/
  3. www.jvt.me www.jvt.me
    Using Proof of Key Code Exchange (PKCE) Using rack-oauth2 as an OAuth2 Client · Jamie Tanna | Software Engineer
    2
    1. TylerRick 20 Nov 2022
      OAuth: grant types: Authorization Code Flow with PKCE Ruby example
    2. TylerRick 20 Nov 2022
      Proof of Key Code Exchange is an OAuth2 extension that recently been adopted as the standard for both OAuth 2.1 and IndieAuth, and provides additional security for attacks on the Authorization Code flow.
      OAuth: grant types: Authorization Code Flow with PKCE
    Visit annotations in context

    Tags

    Annotators

    URL

    jvt.me/posts/2021/03/06/pkce-ruby-rack-oauth2/
  4. developer.okta.com developer.okta.com
    Implement the OAuth 2.0 Authorization Code with PKCE Flow
    1
    1. TylerRick 20 Nov 2022
      Here’s what this flow looks like:
      sequence diagram OAuth: grant types: Authorization Code Flow with PKCE
    Visit annotations in context

    Tags

    Annotators

    URL

    developer.okta.com/blog/2019/08/22/okta-authjs-pkce
  5. auth0.com auth0.com
    Authorization Code Flow with Proof Key for Code Exchange (PKCE)
    1
    1. TylerRick 15 Nov 2022
      the OAuth 2.0 grant type, Authorization Code Flow with Proof Key for Code Exchange (PKCE).
      OAuth: grant types: Authorization Code Flow with PKCE OAuth: grant types
    Visit annotations in context

    Tags

    Annotators

    URL

    auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow-with-proof-key-for-code-exchange-pkce
  6. Sep 2019
  7. remotesynthesis.com remotesynthesis.com
    Understanding OAuth Authorization Flows
    2
    1. pyxelr 13 Sep 2019
      it's not that there are new vulnerabilities that have been identified in the implicit flow, just that PKCE offers a more secure alternative that you should use if you have the option

      Use PKCE instead of the implicit flow if you have a chance

      PKCE OAuth security webdev
    2. pyxelr 13 Sep 2019
      PKCE (which stands for "Proof Key for Code Exchange" and is pronounced "pixie") was originally developed to solve a problem specific to native mobile apps using OAuth 2.0

      PKCE (Proof Key for Code Exchange) is an extension to OAuth 2.0

      PKCE OAuth security webdev
    Visit annotations in context

    Tags

    Annotators

    URL

    remotesynthesis.com/blog/oauth-flows