
Building an OpenID Connect flow for native mobile, the right way - ccyrille
https://medium.com/klaxit-techblog/openid-connect-for-mobile-apps-fcce3ec3472
======
kevsim
Anyone interested in OAuth 2/OpenID connect on mobile should absolutely watch
Eran Hammer‘s (one of the creators if the OAuth 2 spec) talk on the subject
[0]. He contests both the “security” and “user trust” claims made in this
article. I very much doubt that most users have more trust in an app when it
blasts open a browser vs allowing credentials to be typed into the app. The
claims this article makes about maintainability however are very accurate in
my experience. Nice to be able to adapt your auth flow etc without releasing
new native apps.

0: [https://vimeo.com/52882780](https://vimeo.com/52882780)

