One of the major concerns in software systems is keeping a code base maintainable over time as the amount of logic grows. In recent years it has been a best practice to break code down into modular components: microservices and micro-UIs.

Modern application-level components implement security using the https://datatracker.ietf.org/doc/html/rfc6749, which provides security capabilities for web apps, mobile apps and APIs.

When integrating newer SPAs with existing large websites, use single sign-on (SSO) so that SPA cookies are not shared with websites.

This first enabled the large website to be split into multiple apps, after which web and API concerns were separated.

Related Articles