search menu icon-carat-right cmu-wordmark

A Token Walks into a SPA...

May 2018 Presentation
Ado Kukic (Auth0)

Between Angular, React, and Vue, it can be hard not to build single-page applications (SPAs). This presentation shows how to create secure SPAs.


Software Engineering Institute




Seems like all that's heard about these days are Single Page Applications. Angular, React, Vue, Ember—they are transforming the way we think about the frontend. But what about securing these applications? This often tends to take a back seat to speed, animations, and other cool features of these frameworks. Between cookies, tokens, keeping users authenticated, and handling resource access, securing these apps can be tricky. It may even feel like a second page is needed (gasp!) for the authentication setup! But there is technology to create truly secure single-page applications. This tutorial walks through securing a Vue application, but the approach will apply to nearly any single-page application framework.