Although I am no customer. What drove me to the article was that reading about improving security always catches my interest.
I wished this article had two diagrams in it
one showing the OAUTH flow
one showing how PKCE changes the game
Somewhere in the middle of the text is the description of what the gains with dynamic secrets are and what is done. But I think, this article would benefit from diagrams. Then it would read less than typical PR of »Hey, we made stuff more secure« ;)
Thanks for this nice article.
And I am glad to hear that
Although I am no customer. What drove me to the article was that reading about improving security always catches my interest.
I wished this article had two diagrams in it
one showing the OAUTH flow
one showing how PKCE changes the game
Somewhere in the middle of the text is the description of what the gains with dynamic secrets are and what is done. But I think, this article would benefit from diagrams. Then it would read less than typical PR of »Hey, we made stuff more secure« ;)
I have a plan for a follow-up blog post about the implementation itself in nodejs. Stay tuned :)
Got me with that 😉