This is actually a recommended approach in the current draft for using OAuth with SPAs:
I would recommend reading the whole draft, and also recommend reading Vittorio Bertocci’s blog post on the subject:
This is actually a recommended approach in the current draft for using OAuth with SPAs:
I would recommend reading the whole draft, and also recommend reading Vittorio Bertocci’s blog post on the subject: