What is PKCE (Proof Key for Code Exchange)?
PKCE (pronounced “pixy”) is a security extension to OAuth 2.0 that protects authorization code flow from interception attacks. It’s essential for public clients like mobile apps, single-page applications (SPAs), and CLI tools that cannot securely store client secrets.
Understanding code_verifier and code_challenge
| Component | Description | Example |
|---|---|---|
| code_verifier | A cryptographically random string (43-128 characters) generated by the client | dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk |
| code_challenge | A transformed version of code_verifier sent in the authorization request | E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM |
| code_challenge_method | The transformation method: S256 (SHA-256, recommended) or plain | S256 |
How PKCE Works
- Generate: Client creates a random
code_verifier - Transform: Client computes
code_challenge = BASE64URL(SHA256(code_verifier)) - Authorize: Client sends
code_challengewith authorization request - Exchange: Client sends original
code_verifierwith token request - Verify: Server verifies
SHA256(code_verifier) == code_challenge
PKCE Generator Tool
Use the tool below to generate secure PKCE values for your OAuth 2.0 implementation:
PKCE (Proof Key for Code Exchange, RFC 7636) adds security to the OAuth 2.0 Authorization Code Flow, especially for public clients like mobile apps and SPAs.
How it works:
- Client generates random
code_verifier(43-128 chars) - Client creates
code_challenge = BASE64URL(SHA256(code_verifier)) - Client sends
code_challengein authorization request - Authorization server stores the challenge
- Client sends original
code_verifierin token request - Server verifies:
SHA256(code_verifier) == code_challenge
โ ๏ธ Important: Save the code_verifier! You'll need it when exchanging the authorization code for tokens.
All calculations are performed locally in your browser using the Web Crypto API. No data is sent to any server. Your code_verifier and code_challenge never leave your device.
Frequently Asked Questions
What is a code_verifier in OAuth 2.0?
A code_verifier is a cryptographically random string between 43-128 characters used in PKCE. It’s generated by the client application and kept secret. The code_verifier is sent to the authorization server during the token exchange to prove that the same client that started the authorization request is completing it.
What is the difference between code_verifier and code_challenge?
The code_verifier is the original secret string, while the code_challenge is a transformed (hashed) version of it. The code_challenge is sent in the initial authorization request, and the code_verifier is sent later during token exchange. This separation prevents authorization code interception attacks.
Should I use S256 or plain method?
Always use S256 (SHA-256) when possible. The plain method should only be used when the client cannot perform SHA-256 hashing, which is rare in modern environments. S256 provides additional security because even if an attacker intercepts the code_challenge, they cannot reverse it to get the code_verifier.
How do I implement PKCE in my application?
Here’s a quick example in JavaScript:
// Generate code_verifier
const array = new Uint8Array(32);
crypto.getRandomValues(array);
const code_verifier = base64URLEncode(array);
// Generate code_challenge
const hash = await crypto.subtle.digest('SHA-256',
new TextEncoder().encode(code_verifier));
const code_challenge = base64URLEncode(hash);
Is PKCE required for all OAuth 2.0 flows?
PKCE is required for public clients (mobile apps, SPAs) and strongly recommended for confidential clients as well. OAuth 2.1 (draft) mandates PKCE for all clients using the authorization code flow.
Related Resources
- How PKCE Enhances Security in Authorization Code Flow
- Understanding code_verifier in OAuth 2.0
- OAuth 2.0 Best Practices for 2025
- JWT Decode Tool - Decode and inspect your OAuth tokens