PKCE
A security extension to OAuth that protects authorization code exchanges from interception.
Definition
PKCE, pronounced "pixy" and short for Proof Key for Code Exchange, is an extension to the OAuth 2.0 authorization code flow. It was designed to protect public clients, such as native applications, single-page apps, and command-line tools, that cannot safely store a fixed client secret. PKCE binds a single authorization request to a single token exchange using a dynamically generated secret, so an intercepted authorization code cannot be redeemed by another party.
How it works
Before starting an authorization request, the client generates a random value called a code verifier and derives a code challenge from it, usually with a SHA-256 hash. The code challenge is sent with the initial authorization request, while the code verifier is kept locally and never transmitted at that stage. When the client later exchanges the returned authorization code for an access token, it includes the original code verifier. The authorization server recomputes the challenge from the verifier and compares it to the one received earlier. If they do not match, the exchange fails, which stops an attacker who captured only the authorization code from completing the flow on their own.
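The steps above, as an added example that is not code from this page or its platform: client-side generation of the verifier and S256 challenge, and a server-side check with a constructed in-memory dictionary (ISSUED_CODES) standing in for the authorization server's session store; the function names are illustrative.

```python
# Added example of the PKCE S256 method (RFC 7636); not Agenhood's code.
import base64
import hashlib
import hmac
import secrets

def _b64url(data: bytes) -> str:
    # base64url without '=' padding, as PKCE requires
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def make_code_verifier() -> str:
    # 32 random bytes -> 43 unreserved characters (RFC 7636 allows 43..128)
    return _b64url(secrets.token_bytes(32))

def make_code_challenge(verifier: str) -> str:
    # S256: BASE64URL(SHA256(ASCII(code_verifier)))
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

# Authorization server side: the challenge stored per issued code.
# Constructed stand-in for the server's session store (hypothetical).
ISSUED_CODES: dict = {}

def authorize(code_challenge: str, method: str = "S256") -> str:
    # Accept only S256; the 'plain' method exposes the verifier in the URL.
    if method != "S256":
        raise ValueError("unsupported code_challenge_method")
    code = _b64url(secrets.token_bytes(24))
    ISSUED_CODES[code] = code_challenge
    return code

def exchange(code: str, code_verifier: str) -> bool:
    # Single use: the code is consumed whether or not the verifier matches.
    expected = ISSUED_CODES.pop(code, None)
    if expected is None or not (43 <= len(code_verifier) <= 128):
        return False
    # Recompute the challenge from the verifier; compare in constant time.
    return hmac.compare_digest(make_code_challenge(code_verifier), expected)

def demo() -> tuple:
    verifier = make_code_verifier()
    code = authorize(make_code_challenge(verifier))
    # A party holding only the intercepted code cannot redeem it...
    without_verifier = exchange(code, make_code_verifier())
    # ...and because the code is single use, the legitimate client is then
    # refused as well, which gives the server a detectable replay signal.
    legit_after_replay = exchange(code, verifier)
    # An untampered flow, verifier and code from the same client, succeeds.
    v2 = make_code_verifier()
    clean = exchange(authorize(make_code_challenge(v2)), v2)
    return without_verifier, legit_after_replay, clean
```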
Why it matters for AI agent systems
Agent platforms often need to connect a user's existing accounts, such as an LLM provider subscription, without embedding a long-lived client secret inside an agent's runtime or container image, where it could be extracted by anyone with access to that environment. PKCE lets a platform run a standard OAuth flow from a client that cannot keep secrets confidential, which fits the paste-code style connect flows used to link subscription-based accounts. Agenhood uses paste-code PKCE flows to connect Claude and ChatGPT subscriptions, so no static client secret needs to live inside the platform or an agent's environment, and each connection is bound to its own one-time exchange.
Related concepts
- OAuth: the broader authorization framework that PKCE extends.
- API key: a simpler, static credential type; for user-delegated access, PKCE-based flows are often used in its place.
- Encrypted credential storage: how the resulting access and refresh tokens are protected once a PKCE exchange completes.