Token Handler Summary

Once you have Integrated the SPA with the token handler, you get a professionally developed web security solution that follows the best practices from the OAuth for Browser-Based Apps document. For additional detailed resources, see the links summarized below.

Design Articles

The following articles provide architectural background on the token handler pattern:

• The Token Handler Pattern for Single Page Applications
• Token Handler Design Overview
• SPA Security Whitepaper

Configuration Tutorials

The following tutorials explain some finer details of the token handler configuration and explain more about the Curity configuration system and how it related to deployment.

• Create a Token Handler
• Configuration Overview
• Configure Deployed Environments
• Configure Deployments to Kubernetes

Developer Tutorials

The code example shows how to complete the SPA integration and implement the full application lifecycle, including handling of error and expiry responses from token handler endpoints. The deployment example walks through all of the important configuration settings and provides automation to supply parameters, including cryptograhic keys.

• Token Handler SPA Code Example
• Token Handler Deployment Example

Scaling Deployments

Finally, for further information on managing cookies for multiple SPAs and scaling web deployments, see the following resources:

• Token Handler Deployment Patterns
• OAuth and Same Site Cookie Best Practices