Browser-based login
Native embedded login
If you prefer to embed your own login pages within your native/mobile app, you can implement our login widget, Lock, directly into your app with: Examples of native apps with embedded login:Passwordless
Embedded Passwordless Login in Native ApplicationsConsiderations
- Phishing/security concerns: an unauthorized party could decompile or intercept traffic to/from your application to get the and authentication URL. With this information the unauthorized party could create a rogue application, upload it to an application store, and use it to phish for usernames, passwords, and .
-
: users have to enter their credentials for each application.
- Can implement SSO with native apps by storing refresh tokens on a shared keychain, but this is not compliant with the OAuth 2.0 specifications.
- Takes more time to implement
- No automatic improvements when Auth0 adds new features, have to update app code to take advantage of new features vs UL
-
Not compliant with best practices
- RFC 8252 OAuth 2.0 for Native Apps: authorization requests from native apps should only be made through external user-agents, primarily the user’s browser