This specification details the security considerations and best practices that must be taken into account when developing browser-based applications that use OAuth 2.0.