arrow-left arrow-right brightness-2 chevron-left chevron-right circle-half-full dots-horizontal facebook-box facebook loader magnify menu-down rss-box star twitter-box twitter white-balance-sunny window-close
Advanced Single Page App Authentication
1 min read

Advanced Single Page App Authentication

At the end of 2018, the OAuth working group released a new best current practices (BCP) document which recommended developers no longer implement the Implicit Grant Authorization Flow and instead implement the Auth Code with PKCE Authorization Flow. Unfortunately, the majority of Single Page Applications today implement the Implicit Flow. In this talk we’ll discuss the impacts of the BCP, compare differences between Implicit and Auth Code with PKCE, demo both of these approaches in a modern SPA, and share the knowledge you need to know when deciding on whether to follow the BCP or continue with the Implicit Grant for your authentication and authorization purposes.

Enjoying these posts? Subscribe for more

Already have an account? Sign in
You've successfully subscribed to Bytesized Code.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.