The code returned from the authorization server after the resource owner successfully authenticates.
Optional
The code verifier used to ensure that the client is the only entity authorized to obtain an access token for the given code.
The code returned from the authorization server after the resource owner successfully authenticates.