This session will present an implementation strategy for deploying OAuth 2.0 and OpenID Connect for Single Page Applications (SPAs) by leveraging a secure server backend. It will provide an overview of the architectural pattern and approach itself and discuss the advantages and disadvantages in detail, with a special focus on security benefits. We will also discuss current implementations and deployments. (Developer, API Protection, Security, Standards, Architecture & Deployment, Hans Zandbelt)