Session 7: OAuth for Mobile Applications

When using OAuth in mobile applications it's important to follow the best practices. The applications is considered to be a public client that cannot hold a secret, so how do we secure the requests? We will also discuss how to turn a public client into a confidential client using Dynamic Client Registration.

  • OAuth for Mobile Apps
    • PKCE - Proof Key Code Exchange
    • Public Clients
  • Dynamic Client Registration (DCR) for Mobile Clients
    • Creating Confidential Clients for Mobile Applications

Related resources


Course Outline