Security

PKCE

Prerequisite: OAuth2.0. PKCE is pronounced as ‘pixie’. PKCE - Proof Key for Code Exchange => Credits. Concepts: What is a Confidential Client? Any backend application written in languages like .NET, Java, NodeJS can be considered a Confidential Client.

Designated Authentication - OAuth2.0

OAuth2.0 and OpenID is one of the best videos (62 mins) on this topic - highly recommended. This blog is just a quick summary (4 mins read) of it.

Access Control - Casbin

I was trying to read about RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control); after some reading, I realized that, as a software engineer, it’s way easier when you get to read code. So, I started to search for an open source project which implements access control infrastructure, and stumbled upon Casbin.