Client Authentication vs. PKCE: Do you need both?
Learn how OAuth Proof-Key for Code Exchange (PKCE) does not replace client authentication (e.g. secrets) and why you should use both where possible.| Scott Brady
Learn how OAuth Proof-Key for Code Exchange (PKCE) does not replace client authentication (e.g. secrets) and why you should use both where possible.| Scott Brady
I was catching up on the always excellent Security. Cryptography. Whatever. podcast, and enjoyed the episode with Colm MacCárthaigh about a bunch of topics around TLS. It’s a great episode th…| Neil Madden
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
OAuth Parameters| www.iana.org
OpenID Connect Core 1.0 incorporating errata set 2| openid.net
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page] | www.rfc-editor.org
