An application running within the context of the browser (e.g. a React or Angular Single Page Application (SPA)) that wants to access an API on behalf of a user. This authenticated API call will be made directly from the user’s browser, and only our application should be able to call it on behalf of our authenticated user (i.e. we’re not vulnerable to Cross-Site Request Forgery (CSRF/XSRF).

Bharat Dwarkani shared on Sep 15, 2019
image
scottbrady91.com
bookmarks
share
visibility1
visibility1 share bookmarks
add