PKCE

Proof Key for Code Exchange (RFC 7636). A binding between an authorization request and the code exchange that prevents intercepted authorization codes from being redeemed. Originally for mobile and SPA clients; OAuth 2.1 requires PKCE for all clients.