Best Friends Forever: BFF and Single-Page Applications
For many years, single-page applications (SPAs) have used OAuth flows that store tokens in the browser: an approach that comes with security risks. OAuth’s current recommendation flips that model: the Backends for Frontends (BFF) pattern uses secure cookies and a backend component to handle tokens on the server side.
It may feel like a step back to the ’90s, but it’s actually a leap forward in terms of security and browser compatibility. In this session, you’ll learn how the BFF pattern works, why it’s the better choice, and how to securely implement that within your architecture.
About the speaker
Christian Wenz
Christian Wenz is a consultant, software architect and entrepreneur specializing in web technologies and security. A prolific writer, he has authored or co-authored over 100 books for various publishers. Christian’s work spans both open-source and proprietary web technologies, a unique combination that has earned him recognition as a Microsoft MVP for Developer Technologies and the distinction of being the lead author of the Zend PHP certification. He is also credited in several open-source projects for his contributions. In addition to his writing and technical endeavors, Christian is a frequent speaker at developer conferences worldwide, where he shares his expertise in web technologies.