Learn how the Backend for Frontend (BFF) architecture helps secure OAuth and OIDC flows in modern apps by safely handling tokens, reducing attack surfaces, and enabling cleaner session management.
OAuth 2.0
OAuth 2.0 and OpenID Connect (OIDC) are powerful, flexible, and… surprisingly easy to misconfigure. Note: This article belongs to Part 5.2: App Security Best Practices in our Application Security series. From overly permissive tokens to incorrect redirect URIs and unchecked ID tokens — even mature teams fall into subtle traps. In this final post of […]
Why the Implicit Flow is deprecated and how PKCE (Proof Key for Code Exchange) secures modern Single Page Applications (SPAs) and mobile apps using OAuth 2.0.
Dive into the structure of JSON Web Tokens (JWT), how they're signed and validated, where expiry pitfalls creep in, and best practices for secure token usage in real-world applications.
By now, you know the difference between authentication and authorization. You’ve explored OAuth 2.0, OpenID Connect, and even federated SSO setups across identity providers. So, what’s next? Have you ever heard of Refresh Tokens? Note: This article belongs to Part 4.1: Token Lifecycle & Retry Logic in our Application Security series. Here’s the […]