Session
Don't Trust the Browser: Secure SPAs with BFF
OpenIdConnect and OAuth are the industry standards to protect both frontend and backends applications with tokens.
Sending tokens to the browser is like trusting a bunch of lions to keep a cow safe. So why do we do it in our Single Page Applications using the implicit flow for example?
Don't.
BFF or Backend For Frontend solves this problem. Come and find out how this works using ASP.NET Core on the server and React on the browser side. If you're not into ASP.NET Core: come anyways because the concepts are applicable to any technology.
Roland Guijt
Microsoft MVP, Pluralsight author, ASP.NET insider
Utrecht, The Netherlands
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top