Shreyas skskshreyas.hashnode.dev·May 29, 2024Understanding PKCE - Part 2 - How Access token and Refresh token are generatedIn the previous section, we got to know how to get the authorization code from Auth endpoint of server by sending client id and code_challenge.Once this is done, our next thing is to use this client id, code and code verifier to generate access token...pkce
Shreyas skskshreyas.hashnode.dev·May 28, 2024Understanding PKCE - Part 1 - Authorization flowOAuth 2.0 OAuth 2.0 is a industry standard authorisation technique used in many applications. PKCE is the extension of OAuth 2.0 which uses code_challenge and code_verifier to get access token in client applications. In native applications, we usuall...pkce
Curt TudorforOpenZiti Tech Blogblog.openziti.io·Apr 4, 2024Pixy Dust For Web ApplicationsPKCE, which stands for “Proof of Key Code Exchange”, and is pronounced “pixy,” is an extension of the OAuth 2.0 protocol that provides an additional security layer helping to prevent intercept attacks. Articles about OpenZiti often discuss applicatio...239 readsBrowZerSecurity
Mohammad Abu Yousuf Sajalcodexaxor.hashnode.dev·Mar 9, 2024Obtaining Access Token with OAUTH 2.0 PKCE in PostmanAs the landscape of secure authentication evolves, understanding and implementing Authorization Code Flow with Proof Key for Code Exchange (PKCE) becomes crucial for developers. In this post, we'll delve into the practical aspects of using Postman to...35 readssoftware development
