Client Security
Discover different aspects of client security and learn best practice approaches.
Client security primarily covers web and mobile, to ensure the best security in the browser and on devices
The Nonce Authenticator Pattern
An additional option to ensure your desired Single Sign-On behavior
Token Handler Development Setup
How to manage an API driven application cookie layer for SPAs on a development computer
Token Handler Deployment Patterns
Design patterns for deploying an API-driven backend for front-end Single Page Applications
Token Handler Design Overview
A design overview of the key behavior when using the token handler pattern
Best Practices - OAuth and Same Site Cookies
Best practices for using web cookies and authorization server cookies securely and reliably
Best Practices - OAuth for Mobile Apps
This article demos best practices for using the OAuth for mobile applications.
Best Practices - OAuth for Single Page Applications
Single Page Applications (SPAs) are different from regular web applications, requiring further security measures. Learn how to use OAuth to secure SPAs.