Securing SPAs and Blazor WASM applications once and for all.
Duende.BFF is a framework for building services that solve security and identity problems in browser based applications such as SPAs and Blazor WASM applications. It is used to create a backend host that is paired with a frontend application. This backend is called the Backend For Frontend (BFF) host, and is responsible for all of the OAuth and OIDC protocol interactions. Moving the protocol handling out of JavaScript provides important security benefits and works around changes in browser privacy rules that increasingly disrupt OAuth and OIDC protocol flows in browser based applications. The Duende.BFF library makes it easy to build and secure BFF hosts by providing session and token management, API endpoint protection, and logout notifications.
This package provides an implementation of server side sessions for the BFF using Entity Framework.
For in-depth documentation, please see here.
Duende.BFF.EntityFramework is source-available, but requires a paid license for production use.
- Development and Testing: You are free to use and explore the code for development, testing, or personal projects without a license.
- Production: A license is required for production environments.
- Free Community Edition: A free Community Edition license is available for qualifying companies and non-profit organizations. Learn more here.
- For bug reports or feature requests, open an issue on GitHub: Submit an Issue.
- For security-related concerns, please contact us privately at: [email protected].
- Duende.Bff - Framework for building browser based applications using the BFF pattern
- Duende.Bff.Yarp - BFF integration with YARP (Yet Another Reverse Proxy)