Am 09.11.22 um 18:47 schrieb Marc Blanchet:
There was a very good presentation today in the OAuth group about it,
along the lines "don't use multi-device flows on the same device" and
I think there is a point about it.
In my eyes a mobile app is more like a web app.
Yes. It is an http client, and can do whatever with its http
connections: cookies, sessions, etc...
Is the app able to share the cookie jar with the browser widget
triggered to make the authorization flow? Otherwise the browser widget
would do the login but your app won't get the cookies to continue with
the same logged in session.
Kind Regards,
Pawel
_______________________________________________
regext mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/regext
