Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
PKCE is an OAuth 2.0 extension RFC 7636 that secures the authorization code flow against interception using a code verifier and challenge.
PKCE Proof Key for Code Exchange Definition: PKCE is an OAuth 2.0 extension RFC 7636 that secures the authorization code flow against interception using a code verifier and challenge.
Proof Key for Code Exchange PKCE, defined in RFC 7636, is an OAuth 2.0 extension that protects the authorization code flow against interception attacks, originally designed for public clients such as mobile and single-page apps. The client generates a random code verifier and sends its hashed code challenge with the authorization request, then must present the original verifier when exchanging the code for tokens, binding the code to the legitimate requester.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →