quester
Reputation: 11
Best oauth2 grant type for mobile application
I am working on an app that asks for mobile phone number from user and I am implementing oauth2 in out application, Can someone suggest a suitable grant type for this scenario. I decided for implitcit, but I found that is most companies disapproves of this grant type.Can someone suggestion best option here.
Upvotes: 0
Views: 806
Answers (1)
jwilleke
Reputation: 10976
Depends. (Of course) on your environment setup.
If you are using a Native App on the mobile device then you SHOULD use the Appauth SDKs as defined in RFC 8252 - OAuth 2.0 for Native Apps which is also the Best Current Practice (BCP: 212).
If you are using a mobile - API - Backend then generally the Authorization Code is best.
Upvotes: 1
Related Questions
- OAuth2 for mobile apps with simplest client-server architecture?
- What's the right OAuth 2.0 flow for a mobile app
- oauth grant type for android native app with spring boot backend
- What Oauth2 grant type to use in a distributed application without any third party client?
- Which OAuth2 flow/grant type I should use?
- Which grant type will be used, if there are a few specified grand types in the client?
- Options to securely authenticate mobile access using OAuth2
- Web and Mobile Clients for Spring Security OAuth2
- OAuth2 grant-type for my web app API
- OAuth 1.0 or 2.0 server implementation? Native mobile application authentication