Session 7: OAuth for Mobile Applications

When using OAuth in mobile applications it's important to follow the best practices. The applications is considered to be a public client that cannot hold a secret, so how do we secure the requests? We will also discuss how to turn a public client into a confidential client using Dynamic Client Registration.

  • OAuth for Mobile Apps - PKCE - Proof Key Code Exchange
  • OAuth for Mobile Apps - Public Clients
  • Dynamic Client Registration (DCR) for Mobile Clients
  • Creating Confidential Clients for Mobile Applications

Related resources

Course Outline

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.