Problem set

We want to build a single page web app (SPA) and login (authorize) a user against a single sign on server (SSO).

For the SSO we use keycloak, which is an open source (openid connect compliant) authorization server.
To build the SPA we use Nuxt (Vue) and `@nuxtjs/auth` package to adapt to the authorization grant we need.
Because we want to build a SPA, all of our code can potentially be viewed by any 3rd party, therefore, the proper authorization grant to follow is the `Authorization code flow with PKCE`.