How to secure OIDC authorisation code flow with PKCE from interception by privileged admin?
I’m really struggling to wrap my head around this. I have a hypothetical flow, which includes 3 entities: the user/browser, AuthServer, client/App. This flow makes use of the authorisation code flow with PKCE. Here are the steps: