Curity Token Handler

Secure Single Page Applications with Curity Token Handler

With the Curity Token Handler, organizations can leverage SPA business advantages, like streamlined user experiences and fast deployment, without sacrificing security.

Schedule a Demo
Curity Token Handler

Single Page Application Security Challenges We Address

The Curity Token Handler is a Backend for Frontend (BFF) authentication solution that addresses browser-based authentication security concerns.

Secure authentication without a firewall-protected backend

Secure authentication without a firewall-protected backend

Lengthy and resource-heavy development

Lengthy and resource-heavy development

Inability to secure API calls in the browser

Inability to secure API calls in the browser

Cyber threats like token exfiltration and cross-site scripting (XSS)

Cyber threats like token exfiltration and cross-site scripting (XSS)

How Curity Enables Single Page Application Security

How Curity Enables Single Page Application Security
Backend for Frontend Authentication in the Browser

Backend for Frontend Authentication in the Browser

Securing API access calls from the browser eliminates the need for a network-protected backend data connection for identity verification.

Follows OAuth Best Practices for Browser-Based Applications

Follows OAuth Best Practices for Browser-Based Applications

Issuing secure cookies in an OAuth agent and translating them to tokens via an OAuth proxy on an API gateway separates web from API concerns.

Customized for Popular API Gateways

Customized for Popular API Gateways

The Curity Token Handler offers plug-and-play compatibility with popular gateways, including Azure API Management, Google Apigee, AWS, Kong and NGINX.

Ready-To-Deploy, Low-Code Solution

Ready-To-Deploy, Low-Code Solution

A fully developed and tested solution that offers simple implementation and integration to save resources and support fast application launch.

Ready to secure your Single Page Applications?

Schedule a Demo

The Token Handler Pattern

The token handler pattern issues only the most secure HTTP-Only, SameSite=strict cookies on behalf of the SPA. These are first-party cookies and not subject to browser restrictions. Secondly, all API requests are routed via an API gateway rather than a web backend.

Learn more about the Token Handler Pattern
Overview chart

Read more

Modern Techniques for Securing SPAs

Token Handler: The Single Page Application’s New BFF

The Token Handler Pattern: OpenID Connect for Single Page Apps

The Token Handler Pattern for Single Page Applications

SPA using the Token Handler Pattern

Token Handler Development Setup

Token Handler Overview

SPA - Single Page Application Security

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.

Free trial icon representing Start a free trial

Start a Free Trial

Calendar icon representing Schedule a demo

Schedule a demo

User with a computer icon representing Speak to an Identity Specialist

Speak to an Identity Specialist

Book icon representing Explore learning resources

Explore learning resources