Base64 ⇄ Hex Hex to Base64 Bytes to Hex Hex to Bytes Base64 Encode/Decode Blowfish Encryption AES Encryption RSA Encryption Hash Calculator HMAC Calculator JWT Decoder URL Encoder/Decoder HTML Encoder/Decoder JSON Formatter XML Formatter Random Generator UUID Generator Timestamp Converter Regex Tester Text Diff Password Generator Cookie Converter OAuth PKCE

OAuth 2.0 PKCE Generator

Generate Code Verifier and Code Challenge for OAuth 2.0 PKCE (Proof Key for Code Exchange) authentication flow.

PKCE specification requires 43-128 characters. 43 is standard, longer is more secure.


Valid characters: A-Z, a-z, 0-9, -, ., _, ~


What is OAuth 2.0 PKCE?

PKCE (Proof Key for Code Exchange) is a security extension for OAuth 2.0 that protects against authorization code interception attacks.

Code Verifier: A cryptographically random string (43-128 chars) using base64url-safe characters
Code Challenge: A SHA256 hash of the verifier, base64url-encoded (or plain)
Challenge Method: S256 (SHA256, recommended) or plain