Session 8: OAuth for Single Page Applications

Single Page Application run without a backend. All logic happens in the browser using JavaScript. To retrieve a token in order to call APIs certain measures should be taken. You will learn the best practice and we explore multiple ways SPAs can make use of OAuth.

  • PKCE - Proof Key Code Exchange
  • Code Flow with an SPA
  • Depending on the SSO Session
  • Assisted Token
  • Using a Backend for Frontend

Related resources


Course Outline