Backend-for-Frontend: The most secure architecture for browser-based apps

Blog post from FusionAuth

Post Details
Company: FusionAuth
Date Published:
Author: Kim Maida
Word Count: 3,218
Company Posts That Month: 7
Language: English
Hacker News Points: -
Summary

In September 2025, a significant supply chain attack compromised popular npm packages, leading to potential cryptocurrency theft and highlighting vulnerabilities in JavaScript applications regarding token storage. This incident underscores the importance of secure authentication practices, particularly for applications handling sensitive data. The OAuth 2.0 for Browser-Based Applications draft outlines three architecture patterns to manage authentication, with the Backend-for-Frontend (BFF) pattern emerging as the most secure, as it keeps tokens on the server side, away from the browser's reach. BFF architecture treats the browser as a hostile environment, ensuring that tokens are never exposed to potentially compromised JavaScript by using a backend to manage OAuth tokens securely. This method involves storing tokens on the server and using httpOnly cookies to manage sessions, thereby protecting against various attacks such as token theft and cross-site scripting. Although implementing BFF can add complexity and potential latency, it provides significant security benefits, making it a crucial consideration for applications that handle sensitive data. The use of BFF also facilitates centralized logging, monitoring, and easier integration with legacy systems, making it appealing beyond its security advantages. FusionAuth offers a Hosted Backend to simplify the implementation of this architecture, allowing developers to focus on building applications without worrying about underlying security concerns. The decision to adopt BFF should be guided by the sensitivity of the data handled, compliance requirements, and the control over backend operations.

Trends Found in this Post
Trend | Post Mentions | Total Month Mentions | Posts | Companies | MoM
Secrets Management | 2 | 1,821 | 338 | 111 | +22%