Implicit flow in oAuth2 was for a long time the go to standard for native and webapps,
but it has recently been declared as a should not by IETF.

So how can we be secure?

Come to this workshop and learn how to implement code flow with PKCE

The workshop begins with setting up an authorization server and explains oAuth2 terms like authorization code flow and implicit flow before we dive into PKCE.