Last post Apr 19, 2020 09:43 AM by sivapooja
Apr 15, 2020 01:19 PM|sivapooja|LINK
Vanilla js spa application consume resource from asp.net web api ,
can i use Implicit Grant Flow? if can , can anyone provide link that explain implement Implicit flow with js front end and web api back end.?
is it possible to use Authorization Code flow for this scenario ?
Apr 15, 2020 09:04 PM|timur.kh|LINK
From this Auth0 blog post:
If you are building a new SPA, you should consider implementing the new guidance based on authorization code with PKCE.
If you already have SPA apps in your portfolio, they are likely based on the implicit flow — and almost certainly already take steps to mitigate the known issues the approach entails. It is up to you to decide whether you are still satisfied with the mitigations you already have in place, or if it's worth it to update your code to adhere to the new recommendations.
If you're after an implementation guidelines - check out this Auth0 page here. It also mentions when and how you should opt for Auth Code flow.
Note: I am not affiliated with Auth0 and I don't use their services. I just find their documentation to be easy to follow.
Apr 16, 2020 05:31 AM|sivapooja|LINK
Thanks for your reply...
Can you provide example link to implement Auth Code Flow with SPA ?
Apr 18, 2020 10:25 AM|timur.kh|LINK
Apr 19, 2020 09:43 AM|sivapooja|LINK
Seems like auth code flow is not ready for production