Forget about OAuth 2.0. Here comes OAuth 2.1 - Philippe De Ryck - NDC Oslo 2022

In his NDC talk, Philippe De Ryck provides a good summary on why we should:

• no longer use the implicit grant
• use backend-for-frontend for security-sensitive web applications