The Curity Token Handler is a Backend for Frontend (BFF) authentication solution that addresses browser-based authentication security concerns.
Securing API access calls from the browser eliminates the need for a network-protected backend data connection for identity verification.
Issuing secure cookies in an OAuth agent and translating them to tokens via an OAuth proxy on an API gateway separates web from API concerns.
The Curity Token Handler offers plug-and-play compatibility with popular gateways, including Azure API Management, Google Apigee, AWS, Kong and NGINX.
It is a fully developed and tested solution that offers simple implementation and integration, saving resources and supporting a fast application launch.
The token handler pattern issues only the most secure HTTP-Only, SameSite=strict cookies on behalf of the SPA. These are first-party cookies and are not subject to browser restrictions. In addition, all API requests are routed via an API gateway rather than a web backend.
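The cookie-to-token translation described above can be sketched as follows. This is an added example, not Curity's code: the cookie name, the AES-256-GCM cookie format, the in-memory key and all function names are assumptions made for illustration.

```javascript
// Added illustration of the pattern; names and cookie format are assumptions.
const crypto = require("node:crypto");

const COOKIE_NAME = "th_at";         // hypothetical cookie name
const KEY = crypto.randomBytes(32);  // constructed key; agent and proxy would share one

// OAuth agent side: wrap the access token in an encrypted, HTTP-only cookie.
function issueCookie(accessToken) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", KEY, iv);
  const ct = Buffer.concat([cipher.update(accessToken, "utf8"), cipher.final()]);
  const value = Buffer.concat([iv, ct, cipher.getAuthTag()]).toString("base64url");
  return `${COOKIE_NAME}=${value}; HttpOnly; Secure; SameSite=Strict; Path=/`;
}

// OAuth proxy side (in the gateway): turn the cookie back into a bearer header.
// Returns null when the cookie is missing, malformed or fails authentication.
function cookieToAuthorization(cookieHeader) {
  const pair = (cookieHeader || "").split(";").map((p) => p.trim())
    .find((p) => p.startsWith(COOKIE_NAME + "="));
  if (!pair) return null;
  const raw = Buffer.from(pair.slice(COOKIE_NAME.length + 1), "base64url");
  if (raw.length < 12 + 16 + 1) return null; // IV + tag + at least one byte
  const iv = raw.subarray(0, 12);
  const tag = raw.subarray(raw.length - 16);
  const ct = raw.subarray(12, raw.length - 16);
  try {
    const decipher = crypto.createDecipheriv("aes-256-gcm", KEY, iv);
    decipher.setAuthTag(tag);
    const token = Buffer.concat([decipher.update(ct), decipher.final()]);
    return `Bearer ${token.toString("utf8")}`;
  } catch {
    return null; // tampered cookie or wrong key: the gateway answers 401
  }
}

// What the browser sends back: only the name=value part of Set-Cookie.
function browserCookieHeader(setCookie) {
  return setCookie.split(";")[0];
}
```

The SPA's JavaScript never sees the token: it only triggers requests, and the browser attaches the cookie that the gateway then exchanges for the `Authorization` header.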