Do not open browser #1037
Comments
|
Retrieving a new token shouldn't prompt the user unless the user's session has expired. |
|
Hello, no it's not that it's to ask for a 1st token I would not like to open a web view |
|
OIDC is a specific extension of OAuth 2.0 to authenticate and authorize users where the end-user specifically doesn't hand his credentials to the 3rd party app it authenticates in. If you own both the identity provider and the app, you can have your own OAuth2.0 native login but this library doesn't deal with that flow. E.g. Facebook would have it's own native login. Instagram has both a native login for legacy users and a separate IDP-based login to: Login with Facebook. We only deal with the standard web-based auth in this library. A lot of integrators will use this flow even if they also own the IDP especially in enteprise cases. E.g. you will login with an OIDC flow in most Microsoft apps, because the Office is quite different to the Microsoft Account. |
|
I'm not sure I've understood everything, but what I do understand is that the lib is obliged to open a webview even if it closes directly afterwards. |
|
First login flow:
App restart:
|
Configuration
Description
Hi, I'd like a (public) scope not to display the browser so that retrieving the token for my api doesn't bother the user.
Is this possible with openId or do I have to code the packages myself?
Thank you in advance
The text was updated successfully, but these errors were encountered: