Which OAuth 2.0 grant type is recommended for a single-page application (SPA) that needs to obtain an access token without a backend server?
-
A
Client Credentials Flow
-
B
Authorization Code Flow with PKCE
-
C
Resource Owner Password Credentials Flow
-
D
Implicit Flow