Curity Token Handler

The Curity Token Handler is a Backend-for-Frontend (BFF) authentication solution designed to secure Single Page Applications (SPAs). It enables organizations to deliver fast, streamlined user experiences without compromising security. By separating web and API concerns, it ensures secure authentication and API access directly from the browser, eliminating the need for a firewall-protected backend.

Features

• Backend-for-Frontend Authentication: Secures browser-based authentication without requiring a backend server.
• OAuth Best Practices: Implements secure cookie issuance and token translation via an OAuth proxy.
• Plug-and-Play Gateway Integration: Compatible with popular API gateways like Azure API Management, Google Apigee, AWS, Kong, and NGINX.
• Low-Code Deployment: Fully developed and tested solution for quick implementation and integration.

Capabilities

• Issues secure HTTP-only, SameSite=strict cookies to SPAs.
• Routes all API requests through an API gateway, enhancing security.
• Prevents token exfiltration and mitigates cross-site scripting (XSS) risks.
• Enables secure SPA deployment without complex backend infrastructure.

Benefits

• Enhanced Security: Protects against common browser-based threats and ensures secure token handling.
• Faster Time-to-Market: Reduces development effort with a ready-to-deploy solution.
• Improved User Experience: Supports seamless SPA functionality without compromising security.
• Operational Efficiency: Simplifies architecture by removing the need for backend identity verification.