Open utterances-bot opened 3 years ago
I like how you described the process step-by-step. Thank you for sharing.
Hi, thanks for the great article! It's really focused, clear, understandable, pragmatic. And the topic is really important.
Just a few comments from my side :) Although it's not directly in the scope of this article, the storage of the token is an important piece of the puzzle. I'm aware it is another layer of complexity, assuming that using web storage is discouraged. However, it would be nice to have at least a sentence about this.
And just a few typos noticed. In the parameters list for the /authorize endpoint, switch the descriptions for code_challenge and code_challenge_method. In the parameters list for the /token endpoint, fix the code description.
Once more, great work!
@ivanleskovac Thanks for pointing that out, I'll update it!
Using OAuth with PKCE Authorization Flow (Proof Key for Code Exchange) | Tania Rascia
If you've ever created a login page or auth system, you might be familiar with OAuth 2.0, the industry standard protocol for authorization…
https://www.taniarascia.com/oauth-pkce-authorization/