Cyber threats and browsers are evolving, and the changes have rendered traditional SPA security architectures less effective at defending against attacks like Cross-site Scripting (XSS). The Curity Identity Server includes the Curity Token Handler, which provides an up-to-date, secure SPA authentication architecture. Unlike traditional SPA authentication, which processes tokens in the browser where they can be stolen, the Curity Token Handler uses a Backend for Frontend (BFF) authentication strategy that adds a lightweight token processing layer behind the browser.
Separate web and API concerns while retaining the full benefits of a secure SPA architecture.
Use any API gateway, including Azure API Management, Google Apigee, AWS, Kong and NGINX.
Low-code, plug-and-play design facilitates fast time to launch without sacrificing security.
Securing the API calls made from the browser at the gateway means the SPA needs no dedicated backend of its own for identity verification; it can remain a static web deployment. By using secure cookies instead of access tokens, the Curity Token Handler minimizes the data stored and processed in the browser, where it could be exposed to theft by malicious actors. At the API gateway, an OAuth proxy converts each cookie back into the access token and forwards the request to the API with that token, so the token itself is never visible to browser code.
The Curity Token Handler, a BFF for SPA security, transfers the handling of OAuth to a utility API. This trusted agent performs the interactions with the OAuth authorization server and stores access tokens safely on the backend. It makes those tokens usable from the SPA through cookies and other robust browser security techniques, rather than by handing the tokens to browser code, so the usability and deployment benefits of the SPA architecture are retained without compromising security.