Hello all. Im currently taking an online class that teaches how to build a private idp server.They dont really focus on native apps. Im curious to know what flow works best with native clients. Im currently using the Hybrid flow on a client but it seems that it just wasn’t made for mobile since the and secret would reside in the phone. I keep seeing some crazy over the solutions online that try and obfuscate the key but that seems like a waste of . What im noticing is all flows have there faults when it comes to mobile unless your using a Big name provider. I know oidc and 0Auth2 where made for different reasons but when comes to mobile is Authorization more important than authentication because reading random blogs that seems to be the picture.

Source link


Please enter your comment!
Please enter your name here