An overview of how the Proof Key for Code Exchange should be used.
Authenticating a client using certificates.
Add another security layer by requiring proof of possession.
Secure Single Page Applications using OAuth.
This article demonstrates best practices for using OAuth in mobile applications.
OAuth-related standards supported by the Curity Identity Server.
The OAuth Code Flow Explained.
The OAuth Implicit Flow Explained.
The OAuth Hybrid Flow Explained.
The OAuth Client Credentials Flow Explained.
The OAuth Resource Owner Password Credentials Flow Explained.
The OAuth Device Flow Explained.
The OAuth Refresh Flow Explained.
The OAuth Revoke Flow Explained.
OAuth 2.0 is the industry-standard protocol for authorization and access delegation. It specifies a process for resource owners to authorize third-party access to their resources without sharing their credentials. OAuth facilitates fast and secure authentication and authorization for users to APIs, servers, devices and apps. It does this without sharing password information, instead using access tokens to prove an identity, which keeps user credentials safe.