Auth0 provides numerous libraries, guides, code samples, and blog posts to help you learn how to secure Single-Page Applications (SPAs) built with popular frontend frameworks. These resources also provide you with quick reference checks to give you confidence that your Auth0 implementation follows best practices.
Start Securing SPAs Today
When you use Auth0 to protect your Single-Page Application (SPA), you delegate the authentication process to a centralized login page: the Auth0 Universal Login page. With Universal Login, when your users need to log in, your Single-Page Application redirects them to a central domain, through which Auth0 performs the authentication process. Once your users log in successfully. Auth0 takes them back to your application.
Google services are a solid example of centralized authentication. Whenever you need to access any Google service (such as Gmail, Google Calendar, YouTube, etc.), if you have not logged in yet, Google will redirect you to
https://accounts.google.com to log in. Once you successfully log in, Google redirects you to the application that initialized the login process.
With Auth0, you can use your tenant URL or a custom domain as your central domain for authentication. With every successful login transaction, Auth0 returns to your Single-Page Application (SPA) an ID token and an access token. Your SPA can use the ID token to personalize the user interface. You can use the access token to make authenticated requests to access protected resources from an API that you also protect using Auth0.