Popular with:

Cloud Engineer

Developer

Cloud Security

What is OAuth with PKCE and How Does it Work?

Updated:

July 28, 2021

Written by

Abhay Bhargav

What is OAuth with PKCE and How Does it Work? | Way of the Future

In this video, Abhay Bhargav will be taking you through implementing an OAuth with PKCE flow using hands-on labs from an upcoming AppSecEngineer course on OAuth and OIDC.

OAuth and OIDC are perhaps the most important authentication and authorization technologies on the modern web today. You're probably interacting with OAuth and OIDC on a regular basis every day.

However, OAuth and OIDC can be particularly vulnerable to replay attacks. This led to the creation of the Proof Key for Code Exchange (PKCE), a protocol that helps add an additional layer of security on OAuth and OIDC workflows.

Source for article

Abhay Bhargav

Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).

Abhay Bhargav

Categories

Offensive Security

Container Security

Threat Modeling

Application Security

Latest

Your Ultimate Guide to Multi Cloud Security Training with AppSecEngineer

The Cybersecurity Professional's Guide to Kernel Exploits

The DNA of High-Performing Cybersecurity Teams

How AppSecEngineer helps in building a secure coding program for dev teams

The Impact and Importance of Secure Coding Training

Threat Modeling as a Critical Business Skill

The Rocky Path to Effective Threat Modeling Automation

Bridging the Gap to CISA Self Attestation with Threat Modeling

AI in the World of Threat Modeling

The Art of Secure Coding

Using VPC Peering and Cloud NAT to turbo charge your Cloud apps

The Need for Resilience, Adaptability, and Proactive Security Measures—The Need for DevSecOps

Key Vulnerabilities in Applications and How to Secure Them

Application Security Engineer Interview Questions

Application security and Types

The Hilarious Journey into Application Security

What is Application Security?

Enhance your Application Infrastructure with Google Cloud's Load Balancer

VPCs for Dummies

Not your typical guide to becoming a Cloud Security Architect

Teams that train together, work together

We can make your teams do things you never thought possible.
All through the power of hands-on learning.

SITEMAP

Home Training Library For Businesses Hands-on Labs Pricing Blog

QUICK LINKS

Sign In Sign Up Privacy Policy

E-BOOKS

Beginner's Guide to
a Career in AppSec Train your Teams to Fly

FOLLOW APPSECENGINEER

CONTACT

Contact Support

help@appsecengineer.com
‍
1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023