Full Stack Web Development

W09 Securing Web APIs from JavaScript/SPA Applications

03/06/2019

1:30pm - 2:45pm

Level: Intermediate

Brock Allen

Application Security Architect

Modern web development means that more and more application code is running in the browser as JavaScript. This architectural shift requires us to change how we perform authentication and authorization. Fortunately, with modern protocols such as OpenID Connect, you don’t need to invent your own solution for this new environment. This session will show you the modern approach for browser-based JavaScript applications to authenticate users and perform secure web API invocations. As you might expect, security is complex enough that even modern security comes with its own set of challenges. Luckily, we will show off some libraries that help manage this complexity so your application doesn’t have to.

You will learn:

  • Why we don't use cookies for securing Ajax calls
  • How to use OpenID Connect to obtain tokens in JavaScript apps
  • How to protect web APIs with token-based security