<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] is an [Native application] [Open Source] [OAuth Client] is a [client-side] [SDK] for [JavaScript], [Android] and [iOS] using [Browser-view] components for communicating with [OAuth 2.0] and [OpenID Connect Providers] and is the [Best Current Practice] ([BCP 212])

!! [{$pagename}] [Open Source]
[{$pagename}] [Open Source] and available on [GitHub]

! [{$pagename}] for JavaScript[1]
AppAuth for JavaScript is a [client] [SDK] for [OAuth Public Clients] for communicating with [OAuth 2.0] and [OpenID Connect Providers]. The library is designed for use in [Node.js] [CLI] applications, [Chrome] Apps and applications that use Electron or similar frameworks.

It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language.

The library also supports the [PKCE] extension to [OAuth 2.0] which was created to secure [Authorization Codes] in [OAuth Public Clients] when [custom URI scheme] redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all [protocol] requests and responses.

! [{$pagename}] for [Android] [2]
[{$pagename}] for [Android] is a client [SDK] for communicating with [OAuth 2.0] and [OpenID Connect] providers originally created by [Google]

[{$pagename}] strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw protocol flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens.

The library follows the [Best Practices] set out in [OAuth 2.0] for [Native application] including using [Chrome Custom Tabs] for the [auth request|Authorization Request]. For this reason, [WebView] is explicitly __NOT__ supported due to usability and security reasons.

The library also supports the [PKCE] extension to [OAuth 2.0] which was created to secure [authorization Codes] in [OAuth Public Clients] when [Custom URI scheme] redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional parameters in all protocol requests and responses.

! [{$pagename}] for [iOS] [3]
[{$pagename}] for [iOS] is a [client] [SDK] for communicating with [OAuth 2.0] and [OpenID Connect] providers. It strives to directly map the requests and responses of those specifications, while following the idiomatic style of the implementation language. In addition to mapping the raw [protocol] flows, convenience methods are available to assist with common tasks like performing an action with fresh tokens.

Both [Private-Use URI Scheme Redirection] (all supported versions of [iOS]) and [Universal Links] ([iOS] 9+) can be used with the library.

It follows the [Best Practices] set out in [OAuth 2.0] for [Native application] including using [SFSafariViewController] for the [Authorization Request]. For this reason, [UIWebView|WebView] is explicitly __NOT__ supported due to usability and security reasons.

It also supports the [PKCE] extension to [OAuth 2.0] which was created to secure [Authorization Codes] in [OAuth Public Clients] when [Custom URI scheme] redirects are used. The library is friendly to other extensions (standard or otherwise) with the ability to handle additional params in all protocol requests and responses.

!! [{$pagename}]  [Examples]
There is a good [Secure and Usable OAuth for Mobile Apps on youTube|https://youtu.be/DK0AZtgmE4c|target='_blank']

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [AppAuth-JS|https://github.com/openid/AppAuth-JS|target='_blank'] - based on information obtained 2017-06-20- 
* [#2] - [AppAuth-Android|https://github.com/openid/AppAuth-Android|target='_blank'] - based on information obtained 2017-06-20- 
* [#3] - [AppAuth-iOS|https://github.com/openid/AppAuth-iOS|target='_blank'] - based on information obtained 2017-06-20- 
* [#4] - [AppAuth|https://appauth.io/ |target='_blank']
</pre>