Many modern applications are built as Single-Page Applications, using popular frameworks like Angular, React, and Vue. These frontend applications often need to rely on OpenID Connect to authenticate users, and on OAuth 2.0 to access remote APIs. But how do you integrate OAuth 2.0 and OIDC in a frontend? Where do you store access tokens? Can you use refresh tokens?
Many developers struggle with these questions, and this session answers them. Using a dedicated training application, we dive deep into the current best practices for using OAuth 2.0 and OIDC in frontend applications. We discuss the impact of common web vulnerabilities, along with strategies to manage tokens securely. At the end of this session, you will know all about token storage, silent authentication, and the backend-for-frontend pattern.