• The proper way to use OAuth in a native app.

    IETF submitted a draft on the best approach to implement OAuth in a mobile native app. They recommended a specific flow and some security considerations.
    I am going to show how to implement these in the code on both mobile platforms iOS, and Android using Facebook authentication service as an example of OAuth provider, and then show how Facebook and Google SDK for those platforms are implementing this apporaches.
    This is not an OAuth tutorial, so I am assuming that you are familiar with OAuth terminologies and workflows.

    read more ...