OAuth 2.0 flow with PKCE(pixie) - Proof Key for Code Exchange #17
Description
PKCE is a new, more secure authorisation flow (based on the OAuth 2.0 spec)
This can help us break the implicit auth flow which is vulnerable to several attacks since we cannot ensure the security of client key. With PKCE, we will be able to authenticate users or applications without any exchange of credentials.
reference link:
https://oauth.net/2/pkce/
https://dropbox.tech/developers/pkce--what-and-why-