@misc{rfc7636,
series = {Request for Comments},
number = 7636,
howpublished = {RFC 7636},
publisher = {RFC Editor},
doi = {10.17487/RFC7636},
url = {https://www.rfc-editor.org/info/rfc7636},
author = {Nat Sakimura and John Bradley and Naveen Agarwal},
title = {{Proof Key for Code Exchange by OAuth Public Clients}},
pagetotal = 20,
year = 2015,
month = sep,
abstract = {OAuth 2.0 public clients utilizing the Authorization Code Grant are susceptible to the authorization code interception attack. This specification describes the attack as well as a technique to mitigate against the threat through the use of Proof Key for Code Exchange (PKCE, pronounced "pixy").},
}