React, Angular, Blazor WASM, "insert trendy JS framework of choice" ... applications all execute in the browser, and are notoriously hard to secure. Over the past few years, multiple security patterns have emerged, and most have failed or are failing - partly due browser behaviour changing, partly due to the inherently insecure context applications that run on a client live in.

A pattern that emerged relatively recently effectively solves these security issues: the BFF, or Backend-For-Frontend pattern. In this session, you'll learn what that is, why we need it, how to implement it in ASP.NET Core, and what else - next to improving security - it can be used for.

Some knowledge of OAuth/OIDC will come in helpful.