Client Security
Discover different aspects of client security and learn best practice approaches.
Client security primarily covers web and mobile, to ensure the best security in the browser and on devices
The Nonce Authenticator Pattern
An additional option to ensure your desired Single Sign-On behavior
Token Handler Deployment Patterns
Design patterns for deploying an API-driven backend for front-end Single Page Applications
Token Handler Design Overview
A design overview of the key behavior when using the token handler pattern
Best Practices - OAuth and Same Site Cookies
Best practices for using web cookies and authorization server cookies securely and reliably
Best Practices - OAuth for Mobile Apps
Best practices to harden security when integrating OAuth into mobile applications.
Best Practices - OAuth and XSS Prevention
Mitigate XSS threats in OAuth-secured Browser Based Apps
Best Practices - OAuth for Single Page Applications
Single Page Applications (SPAs) are different from regular web applications, requiring further security measures. Learn how to use OAuth to secure SPAs.
