API authentication through OAuth2 for "unregistered" users on a web/mobile app


I'd like to implement authentication for unregistered users as well as registered users. As soon as a user downloads the mobile app, I'd like them to start using certain parts of the app but still make requests with an access token. My plan was to register the user with their UUID in the background, return an access token, and store the key in the keychain. I'm planning to use Stormpath.

Is this plan a common practice for this situation?

How should I handle the password field for anonymous users? How can I handle getting a new access token when the refresh token is also expired?

Thanks!

Best answer

Sounds like a good enough plan for now, until Stormpath has native support for "anonymous" users.

I'd probably register:

  • email: [email protected]. Store this in the keychain.
  • password: (random string that you store in keychain) and use that to get new refresh tokens when needed. Or, make refresh tokens have very long lives =]
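The flow described in this answer, sketched as an added example (not part of the original answer and not Stormpath's API). `FakeAuthServer`, `AnonymousSession`, the `anon-` username format and the dict standing in for the keychain are all hypothetical; a random identifier is assumed in place of the device UUID so the stored credential is not derived from anything guessable.

```python
import secrets

class FakeAuthServer:
    """Constructed in-memory stand-in for an OAuth2 token endpoint."""
    def __init__(self, access_ttl, refresh_ttl):
        self.users, self.refresh = {}, {}
        self.access_ttl, self.refresh_ttl = access_ttl, refresh_ttl
    def register(self, username, password):
        self.users[username] = password  # a real server stores a password hash

    def _issue(self, username, now):
        rt = secrets.token_urlsafe(32)
        self.refresh[rt] = (username, now + self.refresh_ttl)
        return {"access_token": secrets.token_urlsafe(32),
                "access_exp": now + self.access_ttl, "refresh_token": rt}

    def password_grant(self, username, password, now):
        if not secrets.compare_digest(self.users.get(username, ""), password):
            raise PermissionError("invalid credentials")
        return self._issue(username, now)

    def refresh_grant(self, rt, now):
        username, exp = self.refresh.pop(rt, (None, 0))  # one-time use
        if username is None or now >= exp:
            raise PermissionError("refresh token expired or unknown")
        return self._issue(username, now)

class AnonymousSession:
    def __init__(self, server, keychain):
        self.server, self.kc = server, keychain  # dict stands in for the keychain

    def access_token(self, now):
        """Return (token, source); source shows which path produced it."""
        if "username" not in self.kc:  # first launch: silent registration
            self.kc["username"] = "anon-" + secrets.token_hex(16)
            self.kc["password"] = secrets.token_urlsafe(32)  # CSPRNG, never shown
            self.server.register(self.kc["username"], self.kc["password"])
        tok = self.kc.get("tokens")
        if tok and now < tok["access_exp"]:
            return tok["access_token"], "cached"
        if tok:
            try:
                self.kc["tokens"] = self.server.refresh_grant(tok["refresh_token"], now)
                return self.kc["tokens"]["access_token"], "refresh"
            except PermissionError:
                pass  # refresh token expired: fall back to stored credentials
        self.kc["tokens"] = self.server.password_grant(
            self.kc["username"], self.kc["password"], now)
        return self.kc["tokens"]["access_token"], "password"
```

Because the stored password is the only way back into the anonymous account, losing the keychain entry (app reinstall, device wipe) orphans that account unless the user has upgraded to a registered one.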