Wednesday, 26 June 2013

SPA Authentication in a .Net world

Recently I began a new project that was to be built as a Single Page Application or SPA and there are a lot of resources on the web to tell you how to build a SPA in a whole plethora of different technologies on various stacks.

What I wanted to discover though, was how to first deal with authentication within a SPA and later authorization and try as I might I found next to nothing about this. On top of this having watched John Papa’s course, Single Page Apps Jumpstart, earlier this year I noticed the discussion board for the course had numerous people asking about authentication and the answer was usually “look at the MS SPA app” but nothing more.

I was surprised at this since at its simplest all the SPA needs to handle is  401- Unauthorized and 403 – Forbidden response codes which is fairly easy to do, the complexity is in the authentication scheme and how it is implemented on the server.


Due to the lack of examples I could find for authentication I have created a GitHub repository to hold samples of authentication from a SPA, over time I hope to increase the number of samples and include other technologies.

A journey into authentication