Skip to content

curityio/spa-using-token-handler

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

195 Commits
api
api
 
 
deployments
deployments
 
 
doc
doc
 
 
hooks
hooks
 
 
spa
spa
 
 
webhost
webhost
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
deploy.sh
deploy.sh
 
 
teardown.sh
teardown.sh
 
 

Repository files navigation

SPA using the Token Handler Pattern

Quality Availability

A Single Page Application (SPA) that implements OpenID Connect using recommended browser security.
The SPA uses a Backend for Frontend (BFF) approach, in line with best practices for browser based apps.
A modern evolution of Backend for Frontend is used, called the Token Handler Pattern.

Logical Components

Architecture Benefits

This provides the best separation of web and API concerns, to maintain all of the benefits of an SPA architecture:

  • Strongest Browser Security, with only SameSite=strict cookies
  • Great User Experience due to the separation of Web and API concerns
  • Productive Developer Experience with only simple security code needed in the SPA
  • Deploy Anywhere, such as to a Content Delivery Network

Run the End-to-end Flow

The SPA can be quickly run in an end-to-end flow on a development computer by following these guides:

Website Documentation

More Information

Please visit curity.io for more information about the Curity Identity Server.

About

API driven OpenID Connect SPA security, using only the most secure cookies in the browser

curity.io/resources/learn/token-handler-overview/

Topics

react oauth2 spa openid-connect code-example token-handler

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

64 stars

Watchers

5 watching

Forks

19 forks
Report repository

Releases

9 tags

Packages

No packages published

Contributors 5

Languages