In the first two articles, we discussed how to design your system in order to build strong access control. We looked at how you can strike the right balance in terms of what information is associated with your access token, and we looked at balancing identity and local permissions. This article will take a look at how to configure a client in order to get a token, and how we handle sessions.| securityblog.omegapoint.se
Clickbait, isn’t it? But this was Brock’s immediate reaction when we saw (and I recommend you read this first): What this basically means is that browsers are getting more and more stric…| leastprivilege.com