On Operating Systems that support App-claimed HTTPS URI Redirection, these URIs SHOULD be used with OAuth 2.0, as they allow the identity of the destination app to be guaranteed by the operating system.custom URI schemes.
Apps on platforms that allow the user to disable this functionality, or lack it altogether MUST fallback to using custom URI schemes.
More Information#There might be more information for this subject on one of the following:
- App-declared Custom URI Scheme Redirection
- Custom URI scheme
- OAuth Public Client
- OpenID Connect Use Cases
- Web Blog_blogentry_261215_1