Hi, I am looking for examples of AppAuth-Android (https://github.com/openid/AppAuth-Android) use with APIM.
Android-IDP-SDK (https://github.com/wso2-extensions/identity-agent-mobile-proxy-idp) doesn't meet our needs, especially for the limits stated in (https://wso2.com/library/articles/2014/07/sso-for-native-mobile-applications-with-wso2-identity-server/) : "The proposed solution can satisfy most of the enterprise requirements but there are still some possible advancements. A hardcoded client secret is not a good idea sometimes because someone can decompile the application and get the client secret. OpenID Connect spec dynamic client generation provides a solution to this problem. We are hoping to integrate OpenID Connect dynamic client generation in the upcoming versions of IDP SDK." See : OAuth 2.0 Best Practices for Native Apps (https://dzone.com/articles/oauth-20-best-practices-for-native-apps). Thanks Youcef HILEM -- Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Architecture-f62919.html _______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
