OIDC Authentication

Securely receiving authorization code in SPAs using form_post

The form_post response mode can be used to avoid sending the authorization code in the URL during an OIDC authentication flow. This post discusses how you can use the form_post method even more securely.

The form_post response mode

1. The first method of using form_post

GETTING THE AUTHORIZATION CODE USING TEMPLATE TAGS

2. The Second Method of using form_post

GETTING THE AUTHORIZATION CODE USING AN API ENDPOINT

I am a software engineer who is passionate about frontend development, UX design, machine learning, neural networks, blockchain, robotics and IoT.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store