NewsNews

NewsRSS

Curity proposes a new IETF standard to secure Single Page Applications with OAuth

At IETF 101 in London, we were presenting the recently suggested RFC to the OAuth working group that will allow developers to secure their SPA in a standardized way. Until now, there hasn’t been a way in OAuth for clients to request user authorization when using scripting languages such as JavaScript. The Assisted Token flow leverages HTML's iframe element, child windows, and the postMessage interface and is a way simpler approach compared to building your own solution based upon the with the implicit grant type flow. The proposed RFC is found here

Back to news

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.

Free trial icon representing Start a free trial

Start a Free Trial

Calendar icon representing Schedule a demo

Schedule a demo

User with a computer icon representing Speak to an Identity Specialist

Speak to an Identity Specialist

Book icon representing Explore learning resources

Explore learning resources