Whilst the SPA paradigm has grown in prominence over the years, little has changed in the guidance provided for integrating Customer Identity. With the necessity to provide a compelling UX, whilst protecting from attacks like XSS, this article introduces the ACME pattern and how it has been designed to tackle the challenge.