Native application is typically a OAuth Public Client installed and executed on the device used by the Resource Owner. Protocol data and credentials are accessible to the Resource Owner. It is assumed that any client authentication credentials included in the application can be extracted. On the other hand, dynamically issued credentials such as Access Tokens or Refresh Tokens can receive an acceptable level of protection. At a minimum, these credentials are protected from hostile servers with which the application may interact.

On some platforms, these credentials might be protected from other applications residing on the same device.

Related information#

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-3) was last changed on 01-Apr-2016 17:34 by jim