Hi Youcef, The mobile agent proxy was developed way back before the RFC 8252.
This is the same time where NAPPS working group formed under OpenID Foundation. Later after the advancements in mobile operating systems - both in Android and iOS - NAPPS effort was abandoned - and started working towards RFC 8252. We do support RFC 8252 - along with the PKCE support.. Thanks & regards, -Prabath On Sun, Nov 12, 2017 at 4:09 AM, Youcef HILEM <[email protected]> wrote: > Hi, > > I am looking for examples of AppAuth-Android > (https://github.com/openid/AppAuth-Android) use with APIM. > > Android-IDP-SDK > (https://github.com/wso2-extensions/identity-agent-mobile-proxy-idp) > doesn't > meet our needs, especially for the limits stated in > (https://wso2.com/library/articles/2014/07/sso-for- > native-mobile-applications-with-wso2-identity-server/) > : "The proposed solution can satisfy most of the enterprise requirements > but > there are still some possible advancements. A hardcoded client secret is > not > a good idea sometimes because someone can decompile the application and get > the client secret. OpenID Connect spec dynamic client generation provides a > solution to this problem. We are hoping to integrate OpenID Connect dynamic > client generation in the upcoming versions of IDP SDK." > > See : OAuth 2.0 Best Practices for Native Apps > (https://dzone.com/articles/oauth-20-best-practices-for-native-apps). > > > Thanks > Youcef HILEM > > > > -- > Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2- > Architecture-f62919.html > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://facilelogin.com
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
