LLMpediaThe first transparent, open encyclopedia generated by LLMs

PKCE

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: OAuth 2.0 Hop 4
Expansion Funnel Raw 56 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted56
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
PKCE
NamePKCE
AcronymPKCE
TypeOAuth extension
Introduced2015
DeveloperInternet Engineering Task Force
StatusRFC 7636

PKCE Proof Key for Code Exchange (PKCE) is an extension to the OAuth 2.0 authorization framework designed to mitigate interception attacks against public clients such as native applications and single‑page applications. PKCE complements OAuth 2.0 by introducing dynamically generated secrets that bind an authorization code to a specific client instance, improving security for implementations used by platforms including Android (operating system), iOS, Windows 10, macOS and web browsers like Google Chrome, Mozilla Firefox, Microsoft Edge.

Overview

PKCE augments the authorization code grant flow defined by OAuth 2.0 by adding a code verifier and code challenge exchanged between a client and an authorization server such as Google, Microsoft, Facebook (company), GitHub or Okta. The mechanism relies on one‑time, high‑entropy values and hashing algorithms defined in standards bodies like the Internet Engineering Task Force and implemented by libraries from organizations including Apache Software Foundation, Mozilla Foundation and Red Hat. PKCE is widely referenced alongside other protocols and standards such as OpenID Connect, JSON Web Token, Transport Layer Security and OAuth 1.0.

History and Motivation

PKCE was developed in response to attack patterns observed in mobile and public clients after the publication of RFC 6749 (OAuth 2.0) and was standardized as RFC 7636 by the Internet Engineering Task Force in 2015, a process driven by contributors from companies like Google, Microsoft Corporation, Amazon (company) and identity vendors including Okta and Auth0. Historical incidents involving intercepted authorization codes during redirects and threats illustrated in analyses by OWASP, case studies from Facebook (company) security teams, and research from universities such as Stanford University and Massachusetts Institute of Technology motivated the change. PKCE addressed limitations seen in platform features of Android (operating system), legacy behavior in Internet Explorer, and mobile redirect handling in iOS that made public clients vulnerable to authorization code interception attacks explored at conferences like Black Hat and DEF CON.

Protocol Details

A PKCE-enabled flow begins when a client generates a high-entropy random string called the code verifier, using cryptographic primitives specified by standards groups like IETF and libraries maintained by OpenSSL Project, Bouncy Castle, or libsodium. The client derives a code challenge from the verifier using methods such as "plain" or "S256" (SHA-256), algorithms standardized in RFC 7636, and sends the challenge in the initial authorization request to the authorization server (examples include Google Identity Platform, Microsoft Identity Platform, Auth0). After the resource owner authenticates at the authorization server and an authorization code is returned to the client via redirect endpoints registered with providers like Apple Inc., GitHub, or Amazon Web Services, the client redeems the code at the token endpoint while presenting the original code verifier. The server computes the expected challenge and, upon match, issues tokens such as JSON Web Token-formatted access tokens and refresh tokens consistent with OpenID Connect flows.

Security Analysis

PKCE mitigates interception vectors such as authorization code injection, redirect URI manipulation, and rogue application attacks that were exploited in practices documented by OWASP, US-CERT, and security research teams at Google and Microsoft Corporation. The security model assumes attackers may intercept codes via compromised browsers like Internet Explorer or malicious apps installed on Android (operating system) or iOS, but not know the ephemeral code verifier, a property analogous to channel binding mechanisms discussed in literature from IETF working groups. Cryptanalysis relies on properties of hashing algorithms like SHA-256 standardized by NIST; when used with sufficient entropy and proper verification, PKCE raises the cost of successful attacks toward infeasibility. Limitations include reliance on correct redirect URI registration with providers such as Apple Inc. and token endpoint protections offered by identity platforms like Okta and Auth0.

Implementations and Adoption

Major identity providers and platforms including Google, Microsoft Corporation, Amazon (company), Facebook (company), Apple Inc. and identity vendors like Okta and Auth0 have adopted PKCE in their SDKs for Android (operating system), iOS and JavaScript runtimes such as Node.js. Open-source libraries implementing PKCE are available from ecosystems maintained by Apache Software Foundation projects, language communities around Python (programming language), Java (programming language), JavaScript, Go (programming language), and packages published to registries like npm, PyPI, and Maven Central. Industry guidance from organizations such as OpenID Foundation and IETF recommends PKCE for all public clients and many confidential clients in scenarios described by platforms like GitHub and GitLab.

Best Practices and Deployment Considerations

Deployers should generate code verifiers using secure random sources provided by libraries from OpenSSL Project or platform APIs in Android (operating system), iOS and Windows 10, prefer the S256 method (SHA-256) over "plain" for resistance to replay, and enforce strict redirect URI registration per guidance from IETF and OpenID Foundation. Token endpoints on authorization servers such as those run by Google or Microsoft Corporation must validate code challenges robustly, apply rate limiting advocated by NIST and OWASP, and log anomalies for monitoring systems used by enterprises like IBM and Oracle Corporation. Operators should combine PKCE with other mitigations like audience restriction from OAuth 2.0 profiles, TLS configurations in accordance with IETF and NIST recommendations, and secure storage practices for refresh tokens on platforms such as Android (operating system), iOS and Windows 10.

Category:Identity and access management