Many modern applications are built as Single-Page Applications, using popular frameworks like Angular, React, and Vue. These frontend applications often need to rely on OpenID Connect to authenticate users, and on OAuth 2.0 to access remote APIs. But how do you integrate OAuth 2.0 and OIDC in a frontend? Where do you store access tokens? Can you use refresh tokens?
Many developers struggle with these questions, and this workshop answers them. We dive deep into the current best practices for frontend applications. We cover topics such as token storage, silent authentication, and refresh token rotation. We analyze the impact of common web vulnerabilities, along with mitigation strategies.
At the end of this session, you will know all about the challenges of securing OAuth 2.0 in SPAs.
PRAGMATIC WEB SECURITY
Pragmatic Web Security delivers security training and security advisory services to companies worldwide. Billion-dollar companies rely on Pragmatic Web Security for security advice and services. In addition to customized services, Pragmatic Web Security also offers online courses to allow anyone to learn complex security topics at their own pace. More information is available at https://pragmaticwebsecurity.com.
Philippe De Ryck
Philippe helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven forms the basis of his exceptional knowledge of the security landscape.