OAuth Assisted Token Flow for Single Page Applications

In this talk, Daniel Lindau, Solution Architect at Curity, will show how OAuth can be integrated into Single Page Applications (SPAs) using the assisted token flow — a new OAuth message exchange pattern introduced at IETF 101. He will contrast it with implicit flow and show how framing, token storage, and other nuances are handled using this new alternative flow. He will highlight the use of the HTML postMessage interface for passing tokens (vis-a-vis redirects used by other flows). He will also demo how this protocol can be used with various JavaScript frameworks, like JQuery, in just a few lines of code. He will conclude by giving a state of the draft and its future.

Smarter Tech Decisions Using APIs

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Join Our Thriving Community

Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.