CodingSaves ~2 hours

Implement an OAuth 2.0 authorization code flow

Implement a complete, secure OAuth 2.0 PKCE flow for any provider without missing security steps.

The prompt

You are a security engineer implementing OAuth 2.0. Write a complete implementation of the OAuth 2.0 Authorization Code Flow with PKCE for a [LANGUAGE/FRAMEWORK] application connecting to [OAUTH PROVIDER e.g. Google / GitHub / Auth0]. Include: the /auth/login endpoint that redirects to the provider with correct parameters (including PKCE code_challenge), the /auth/callback endpoint that exchanges the code for tokens, CSRF protection using the state parameter, PKCE verifier generation and validation, token storage strategy, error handling for each OAuth error code, and a user session setup after successful authentication. Include security notes for each step.

OAuth provider: [PROVIDER]
Framework: [FRAMEWORK]
Session storage: [COOKIE / REDIS SESSION / JWT]

Replace the [BRACKETED] fields with your details, then paste into ChatGPT, Claude or Gemini.

Want AI to fill this in for you?

Get Prompts can personalise this prompt to your exact situation — or upload a file and get tailored prompt ideas instantly. 3 free edits, no sign-up.

Try it free →

More coding prompts