0

I am working on VueJS SPA, which connects to Web API protected by Azure AD. I would like to implement the BFF Pattern(Backend for FrontEnd), which improve the security of the application where the token management happens on the server side. I could not find good examples using Azure AD identity. Appreciate if someone could share any good example that helps as a template for BFF using SPA framework.

Improve this question
0

1 Answer 1

Reset to default
2

Please check if below references can give an idea .

This demo will show implementation of SPA in Angular but this could easily be switched with Blazor, React or a Vue.js UI.

An API is created specially for the Angular UI and the other APIs can only be able to access from the trusted backend which can be under our control.

This is almost similar to the backend for frontend application architecture (BFF). The API uses Microsoft.Identity.Web to implement the Azure AD security. All API HTTP requests to this service require a valid access token which was created for the service.

References:

  1. asp.net - SPA (Vue), BFF and IdentityServer on IIS setup? - Stack Overflow
  2. Securing and accessing APIs with Azure Active Directory | by Cheranga Hatangala |

Other- references:

  1. Building and securing an ASP.NET Core API with a hosted Vue.js UI (damienbod.com)
  2. c# - How to serve SPA on root using Azure AD's AuthorizeforScopes in a BFF - Stack Overflow
  3. Does MSAL.js support the check_session_iframe OIDC endpoint? - Stack Overflow
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you and appreciate your help in sharing many references. I will try and update here.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.