OpenID Connect for plain Javascript SPAs

OpenID Connect for plain Javascript SPAs

Code and documents describing how to implement an OAuth client for a generic SPA

Security Libraries

Curity Express Token Handler

An implementation of the Token Handler Pattern that can be deployed as a Docker container

Curity OAuth Assistant

A Curity library for implementing the Assisted Token Flow and SPA session management

oidc client

A library for implementing the Code Flow (PKCE) and SPA session management

Code Examples

SPA using the Token Handler Pattern

SPA using the Token Handler Pattern

A code example showing how to implement the Token Handler Pattern in an SPA

Read more
Javascript SPA using Assisted Token Flow

Javascript SPA using Assisted Token Flow

An example that uses the assisted token flow in a simple Javascript app.

Read more
Javascript SPA using Code Flow + PKCE

Javascript SPA using Code Flow + PKCE

A simple Javascript SPA sample using the code flow with PKCE

Read more
Javascript SPA using OAuth Assistant Library

Javascript SPA using OAuth Assistant Library

How to use the Curity OAuth Assistant available on npm in a Single Page Application

Read more

How-tos

Token Handler End-to-End Tutorial

Token Handler End-to-End Tutorial

How to run an end-to-end example that secures an SPA using SameSite cookies.

Read more

Learn

The Token Handler Pattern for Single Page Applications

The Token Handler Pattern for Single Page Applications

Learn how the Token Handler design pattern strengthens the security of your Single Page Applications and improves user experience.

Read more
Best Practices - OAuth for Single Page Applications

Best Practices - OAuth for Single Page Applications

Learn how to use OAuth to secure your Single Page Applications.

Read more