The Proof Key for Code Exchange (RFC 7636) algorithm is an extension to the Open Authentication 2.0 (OAuth) Authorization Code flow to prevent Cross-site Request Forgery (CSRF) and authorization code injection attacks.

PKCE is not a form of client authentication, and PKCE is not a replacement for a client secret or other client authentication. PKCE is recommended even if a client is using a client secret or other form of client authentication like private_key_jwt.