Thursday 

Room 4 

13:40 - 14:40 

(UTC+02

Talk (60 min)

Using the BFF pattern to secure SPA and Blazor Applications

Modern web development means that more and more application code is running in the browser. Traditionally this has been JavaScript, but more recently there has been a trend toward using C# with Blazor. These modern applications are often secured with token-based security using the OpenID Connect and OAuth protocols. But there are different patterns for using token-based security, and this session covers some of the pitfalls of the various approaches, especially given the ever-changing browser landscape. We will focus on the “backend for frontend” (or BFF) pattern, which has become the most secure and stable of these approaches.

.NET
Security
Web

Dominick Baier

Dominick spent most of his professional career implementing security systems for his customers and reading protocol specifications. This resulted in a number of popular open-source projects like IdentityServer and IdentityModel. Since 2020 he has run Duende Software Inc together with his longtime friend and colleague Brock Allen. Duende provides a sustainable home for the IdentityServer project and is the one-stop shop for all things OpenID Connect and OAuth for .NET-based companies.