Auth Code Flow with PKCE

The Authorization Code Flow + PKCE is an OpenId Connect flow specifically designed to authenticate public client applicationcs (native or mobile) application users.

The Proof Key for Code Exchange (PKCE) is a specification supported by WSO2 Identity Server to mitigate code interception attacks.

PKCE, pronounced “pixie” is an acronym for Proof Key for Code Exchange. The key difference between…