OAuth2 Proof Key for Code Exchange (PKCE, pronounced "pixy") is a technique to mitigate against authorization code interception attacks.
Altough originally intended to be used by OAuth2 public clients, it can also be used by confidential clients.
This library supports both client and authorization server applications.
Please referr to the specific docs for your use case: