Visualizing the OAuth Flow and Why PKCE is Needed

It describes why does PKCE exist but doesn't really describe how does it work :(

But they did not explain how PKCE can secure this. (That was the reason I came to this video. The problem was pretty apparent.)

X D

Plz allow captains for this video if possible

one minute does not the code flow requires client secret too. even though the other app got code how was it able to exchange the code without client secret

There is no WHY here, sigh

Fun explanation if need for PKCE (though not the PKCE flow itself explained)

You didnt actually demonstrate PKCE hence you got a few thumbs down

Just stick to a workflow!!! it is easier. Very complicate understanding

Good job!!!!

I still don't get it. PKCE seems to say "the OS is compromised, here is a half baked solution". My thoughts are, if the OS is compromised, there are NO SOLUTIONS -ZERO. I just don't get this. It seams like a scam to get me to use corporate products. Anyway, maybe I'm crazy, but I say this is non-sense. I still have no understanding how if the OS is even potentially compromised, how any data can be secure? Thanks for making the video though! Maybe I'm slightly less confused....

Great Video! Can you please now create a video where you actually demo how PKCE can save me.