22 Feb
Securing a JavaScript Single Page App with SAML
I would like to secure a JavaScript Single Page App with SAML. My server is powered using Node.js and serves a RESTful API. What are my options?
Details: I have worked with OAuth2 in the past, but I am not familiar with SAML concepts. With OAuth2, the JavaScript SPA can go directly to the Identity Provider and get a token. I can send this token to my RESTful server. The server only needs to be able to decode the token and verify that it is coming from a trusted provider.
- Does SAML work in a similar way? Is there a simple reference that shows the workflow?
- Is there a solution that works with my architecture - JavaScript SPA and Node.js serving a RESTful API?