If a single page application has control on the server side, it is posible to implement the authorization process like a regular web application does, using Authorization Code Grant, instead of the Implicit Code Grant used by SPAs . That is, send the server the order to authorize and let him start t…

Hey there @arik_auth0 , great news! Here’s our latest update on the JavaScript solution to support Authorization Code in Single Page Applications! http://community.auth0.com/t/js-solution-to-support-authorization-code-in-spas-product-roadmap-in-progress/23178

SPA with Authorization Code Grant

Help

markd March 14, 2019, 12:15pm 4

This is actually a recommended approach in the current draft for using OAuth with SPAs:

I would recommend reading the whole draft, and also recommend reading Vittorio Bertocci’s blog post on the subject:

4 Likes

Storing client secret in SPA

Topic		Replies	Views
How does Auth0 provide authorization code flow in a SPA Help	6	4694	May 9, 2020
Help with Authorization flow choice for Angular SPA & Spring API Help auth0 , api , api-authorization , flow	3	4001	August 26, 2019
Using Code Grant with SPA + REST API Help authorization-flow	2	3921	August 28, 2019
Authorization Code Grant vs Implicit Grant Help implicit-grant , authorization-code-f	4	12478	August 27, 2019
What is future of the implicit grant? Help implicit-grant , grants	2	4194	March 2, 2018

SPA with Authorization Code Grant

Related topics