OAuth Developer Workshop Australia - Part 2
The second of a three-part series.
OAuth for Single-Page Apps and Mobile Devices
Many modern applications are built as single-page apps using popular frameworks like React, Angular and Vue.js. Like every application, these apps also need to authenticate users or access remote APIs. While this single-page-app architecture provides many advantages, it also comes with many challenges, especially relating to security. The mobile app landscape comes with its own challenges, from user experience to security.
This session focuses on the specifics of the best practices relating to OAuth and OpenID Connect for single-page applications and mobile apps. We’ll address which of the OAuth flows is most appropriate for these scenario, talk about some architectural patterns available to single-page apps, and share best practices on dealing with storing access tokens in these kinds of applications.