Posts tagged “oauth”

Tiny explainers grouped by topic. Spend less time Googling, more time building.

The OAuth2 Flow, Decoded — roles, tokens, and the PKCE dance

A simple, diagram-first walkthrough of OAuth 2’s Authorization Code + PKCE flow—who does what (client, resource owner, authorization server, resource server), how the redirects work, and where tokens live.

September 5th, 2025

devsecurityoauth

Authentication vs. Authorization — what’s the difference and how they fit together

A clear, practical comparison: authN proves who you are; authZ decides what you can do. Learn identities, sessions/tokens (OIDC/OAuth2), roles/scopes/permissions, and common pitfalls.

September 1st, 2025

devsecurityauth