OAuth 2.1 + PKCE for a single-page app
PKCE is the load-bearing mitigation against authorization-code interception. The Go implementation is short; the parts every SPA gets wrong are documented here.
#PKCE
Posts about pkce. ← All posts
Posts about pkce. ← All posts
PKCE is the load-bearing mitigation against authorization-code interception. The Go implementation is short; the parts every SPA gets wrong are documented here.