Intermediate
Web & Software Development
Q60 / 100
What is OAuth 2.0 PKCE (Proof Key for Code Exchange)?
The correct answer is B) A security extension for OAuth 2.0 public clients (SPAs, mobile) using code verifier and code challenge to prevent authorization code interception attacks
Explanation
In PKCE, the client generates a random code_verifier and sends its SHA256 hash (the code_challenge) in the authorization request. After the redirect, it sends the code_verifier with the token request, which proves that the token requester is the party that initiated the authorization.