The Backend for Frontend Pattern

Learn how to keep tokens more secure by using the Backend for Frontend (BFF) architectural pattern.

Brought to you by @andrea.chiarelli

Calling all developers, tech gurus, and code comedians! How was the post? Give us a code review or a stand-up routine – your choice!

Hello,

I discovered the BFF pattern just recently. This blog is indeed a good introduction as well. I’m sad it’s not linked maybe to a solution of yours.

I was wondering what generic solutions are available on the market. It would just need to:

  • Deliver static content (the web application you want to be authenticated on)
  • Run as reverse proxy/API Gateway for the protected APIs
  • Manage your tokens and sessions

So far I’ve only identified two:

  • Duende’s BFF (Commercial license, comes as a framework rather than a solution, C#)
  • OAuth2-Proxy (Open source, Go)

Do you know any other competition around this pattern? Any Okta/Auth0 solutions perhaps?

Hi @m.turpin,
Thank you for reading this blog post.

I’d like to emphasize that BFF is an architectural pattern, and as such, it must be adapted to an application’s specific implementation needs.

As far as I know, there’s no out-of-the-box solution out there. If there were, you’d be forced to follow the implementer’s design choices.

The two tools you mention can help implement the BFF pattern, but they aren’t true BFF solutions. An out-of-the-box solution should take into account the combination of client-side and server-side technologies, as well as the different facets and challenges dependent on client-server interactions and the application’s business logic.

As you might imagine, Auth0 doesn’t implement an out-of-the-box BFF solution. If you’re interested in examples of implementations in .NET, you can check out this blog post using Blazor and this one using React and ASP.NET Core Web API (the code for the second blog post is planned for a future update).

I hope this can help.