Hello again, Cyber geeks. As I stated previously, I will be posting more on the topic of OAuth, so this continues from where we left off.

In this article we will go a bit more advanced to understand the secure implementation of OAuth for a private client.

So let's get started…

As we saw earlier, the OAuth mechanism works by the client accessing the protected resource with an access token. Now, to perform the OAuth exchange from public clients securely and to prevent several attacks, we are going to use PKCE (RFC 7636).

To understand it in simpler terms we…


Hello Cyber geeks, this is my first ever article on Medium. I will be publishing more articles after this. Hope you will enjoy it. Happy Hunting!!

Open Authorization (OAuth)

OAuth means authorization between services. OAuth is the process of providing access between services without user credentials. It is specified in RFC 6749.

Terminology Associated with OAuth:

Resource (protected resource): The service to which only the user has authorized access. In simple words, it is a protected resource that the client or third-party application wants to access.

Resource owner: The user who has access to the service. …

Shivangi Rai
