Enterprises
Individuals
Enterprises
Individuals
Menu
Menu
Sign in
Product
Solutions
Pricing
Resources
Learn
Hands-on Labs
Courses
Learning Journeys
Challenges
Cloud Sandboxes
Playgrounds
Measure
Assessments
Tournaments
Certifications
Reports
Integrate
SCORM & LTI
SSO & SCIM
Our Learning Platform
Get Started Today
Book a demo
Get free trial
Contact us
Industries
Manufacturing
Government
Finance
Technology
Healthcare
Defense
Retail
Teams
C-suite
Security Teams
Engineering Teams
For L&D
We’ll help you
Achieve ROI
Achieve Compliance
Reduce Risk
Measurable Increase in Skills
Instructor Led Training
Success Stories
View all
View Enterprise Plans
Resources
E-books
Case studies
Webinars
Blog
Support
AppSecEngineer 101 Guide
Help Center
Discord
Teams
For C-suite
For Engineering Teams
For Product Teams
For L&D
What’s New
View all
How to Protect Your Organization from AI Threats Using Role-Based Security Training
Are Your Management Practices Pushing Your Security Team to the Brink?
X
X
X
Enterprises
Individuals
Enterprises
Individuals
Sign in
Menu
Menu
Training for
Library
Platform
Pricing
Resources
Step into the Spotlight with AppSec Expertise: Use coupon ‘SKILLUP30’ and get 30% Off on Individual Pro Annual Plans.
Popular with:
Cloud Engineer
Developer

What is OAuth with PKCE and How Does it Work?

Updated:
July 28, 2021
Written by
Abhay Bhargav

What is OAuth with PKCE and How Does it Work? | Way of the Future

In this video, Abhay Bhargav will be taking you through implementing an OAuth with PKCE flow using hands-on labs from an upcoming AppSecEngineer course on OAuth and OIDC.

OAuth and OIDC are perhaps the most important authentication and authorization technologies on the modern web today. You're probably interacting with OAuth and OIDC on a regular basis every day.

However, OAuth and OIDC can be particularly vulnerable to replay attacks. This led to the creation of the Proof Key for Code Exchange (PKCE), a protocol that helps add an additional layer of security on OAuth and OIDC workflows.

Source for article
Abhay Bhargav

Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).

Categories

L&D
Product Teams
Engineering Teams
C-suite
Infographics
AI Security
Container Security
Threat Modeling
Cloud Security
DevSecOps
Kubernetes
Application Security

Latest

How to Protect Your Organization from AI Threats Using Role-Based Security Training
Are Your Management Practices Pushing Your Security Team to the Brink?
Protect Your Business By Strengthening API Security
How to Successfully Implement Shift-Left Security for Your Organization
Understanding SOC 2 Compliance: A Complete Guide
Ditch the Audit Panic! AppSecEngineer's Got Your Back.
The Complete Guide to ISO 27001 Compliance
A Guide to NIST SP 800-53: 20 Steps to Compliance
Thinking about a career in tech? DevOps vs DevSecOps
Deep-Dive into PCI-DSS: Achieve Compliance in 12 Steps
Why Less Is More for High-Impact Developer Education
Top 10 Cybersecurity Power Players
How to Build a Stronger, More Secure Software Supply Chain
Stop Security Team Burnout Before It Starts
BigQuery Vector Search for Log Analysis: A Security Researcher's Perspective
The AI Advantage in DevSecOps
One Week After the CrowdStrike Incident
An In-Depth Look at Secure-By-Design Strategies
The Only Guide You’ll Need to Build Your Own DevSecOps Trained Team
Is DevSecOps a Good Career Option?

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023
QUICK LINKS
Sign InSign UpPrivacy Policy
E-BOOKS
Beginner's Guide to
a Career in AppSecTrain your Teams to Fly
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

68 Circular Road, #02-01, 049422, Singapore

Copyright AppSecEngineer © 2023