You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the "Session, Cookie, JWT, Token, SSO, and OAuth 2.0 Explained in One Diagram", you mentioned Implicit Grant as recommended grant type solution for native.
For security reasons, you should change the flow recommended for native application to "Authorization Code Flow" and add the PKCE extension for both the web app and native app as well.
In the "Session, Cookie, JWT, Token, SSO, and OAuth 2.0 Explained in One Diagram", you mentioned Implicit Grant as recommended grant type solution for native.
For security reasons, you should change the flow recommended for native application to "Authorization Code Flow" and add the PKCE extension for both the web app and native app as well.
"the use of the Implicit Flow with native apps is NOT RECOMMENDED"
Source: https://datatracker.ietf.org/doc/html/rfc8252
I don't know how you make your image but if I can help more, do not hesitate.
The text was updated successfully, but these errors were encountered: