Overview[1]#

App-claimed HTTPS URI Redirection is when such a URL is loaded in the System browser, instead of the request being made and the page loaded, the native application is launched instead.
App-claimed HTTPS URI Redirection uses HTTPS URL redirection and App-declared Custom URI Scheme Redirection uses URI (ie NOT URL redirection).

The App-claimed HTTPS URI Redirection works because of HTTPS URL was "declared" with the Operating System by native application.

On Operating Systems that support App-claimed HTTPS URI Redirection, these URIs SHOULD be used with OAuth 2.0, as they allow the identity of the destination app to be guaranteed by the operating system.

OAuth 2.0#

Apps on platforms that allow the user to disable this functionality, or lack it altogether MUST fallback to using custom URI schemes.

The Authorization Server MUST allow the registration of HTTPS redirect_uri for OAuth Client to support App-claimed HTTPS URI Redirection.

Apps on platforms that allow the user to disable this functionality, or lack it altogether MUST fallback to using custom URI schemes.

The Authorization Server MUST allow the registration of HTTPS redirect_uri for non-confidential user-agents to support App-claimed HTTPS URI Redirection.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-15) was last changed on 03-Aug-2017 11:59 by jim