Documentation

Documentation versions (currently viewingVaadin 23)
New Acceleration Kits: Observability Kit, SSO Kit, and Swing Kit. Read the blog post.

Advanced Security Topics

Security Architecture
Gives an introduction to Vaadin Flow’s security architecture and how it works in practice.
Security Practices at Vaadin
Provides an overview of the steps Vaadin takes to ensure your application remains secure.
Common Vulnerabilities
Describes common vulnerabilities such as SQL injections, cross-site request forgeries (CSRF/XSRF), cross-site scripting (XSS), and so forth.
Frequently Reported Issues
Lists issues reported by users as vulnerabilities, which in fact aren’t.
Securing Plain Java Applications
Describes how to use the built-in security helpers in a plain Java application.
Storing Sensitive Data
Learn how to store sensitive data such as passwords for use in a Vaadin app