oauth tutorial - OAuth Native Application - oauth2 tutorial - oauth authentication



What is Native Application in OAuth 2.0?

  • Native application can be used as an instance for the desktop or the mobile phone application, which uses the resource owner credentials.
  • Native applications are those applications that run directly on the end user’s device, hence it can be a computer or mobile device which is used
  • The software which is used for the native application is compiled or is packaged and then it is installed onto the mobile device.
  • These native applications can easily make use of direct HTTP call outbound to the remote server.
  • Native application is a public client which is installed and it executes on the resource owner device.
  • The authentication credentials used by the application are included in the application code which is used
  • To make a front channel request, the native application needs to be able to reach out to the system web browser or to get the user to the authorization server directly.
  • To listen for front channel responses, the native application needs to be able to serve URI that the browser can be redirected to by the authorization server.
  • Native applications are using the authorization code for the, client credentials
  • Native application is a system component that allows applications to display web content within the UI of an application.
  • Native application acts as an embedded user-agent, separate from the system browser.
  • The Native application has access to the system browser’s cookies, memory, or session information..
  • The diagram which is given below shows the architecture of the client native application
 learn oauth tutorial - oauth native application - oauth example

learn oauth tutorial - oauth native application - oauth example

Description of the diagram:

  • The resource owner accesses the resources of the resource owner application by using authenticating application such as Google, Facebook, Twitter, etc.
  • The resource owner uses client Id and client password to log on to the authorization server.
  • The authorization server allows accessing the resources from the resource server using the client credentials.
  • The resource server contains the resources, which are owned by the resource owner.
  • The web hosting client is used by public client native application that resides on the computer.
  • It’s also used by public client apps running in a browser using a scripting language such as JavaScript.
  • These public client apps can protect user secrets and apps are widely distributed and also the client secret can’t be confidential.
  • The resource server uses the username-password authentication flow to authenticate when the customer already has the user’s credentials.

Related Searches to OAuth Native Application